urlscan.io logo urlscan.io
SecurityTrails logo

payment.meshotet.co.il Open in urlscan Pro
212.150.101.186  Public Scan

Go To Rescan Add Verdict Report
URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Submission Tags: falconsandbox
Submission: On October 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 75 HTTP transactions. The main IP is 212.150.101.186, located in Daliyya, Israel and belongs to NV-ASN CELLCOM ltd., IL. The main domain is payment.meshotet.co.il.
TLS certificate: Issued by R3 on August 26th 2021. Valid for: 3 months.
This is the only time payment.meshotet.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 212.150.101.186 1680 (NV-ASN CE...)
15 142.250.186.66 15169 (GOOGLE)
1 157.240.236.35 32934 (FACEBOOK)
1 172.217.16.130 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
14 142.250.185.66 15169 (GOOGLE)
2 142.250.184.202 15169 (GOOGLE)
15 142.250.185.129 15169 (GOOGLE)
3 142.250.186.98 15169 (GOOGLE)
5 172.217.16.131 15169 (GOOGLE)
3 4 142.250.185.164 15169 (GOOGLE)
6 142.250.186.67 15169 (GOOGLE)
75 13
10    212.150.101.186 (Daliyya, Israel)

ASN1680 (NV-ASN CELLCOM ltd., IL)
PTR: vyot.raid.co.il
payment.meshotet.co.il
15    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
1    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
partner.googleadservices.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
adservice.google.com
14    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads.g.doubleclick.net
2    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
15    142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googletagservices.com
5    172.217.16.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f3.1e100.net
www.gstatic.com
4    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
6    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
fonts.gstatic.com
Domain Requested by
15 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
15 pagead2.googlesyndication.com payment.meshotet.co.il
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
tpc.googlesyndication.com
www.googletagservices.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
10 payment.meshotet.co.il payment.meshotet.co.il
6 fonts.gstatic.com fonts.googleapis.com
5 www.gstatic.com googleads.g.doubleclick.net
4 www.google.com 3 redirects tpc.googlesyndication.com
3 www.googletagservices.com googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.facebook.com payment.meshotet.co.il
75 12

This site contains no links.

Subject Issuer Validity Valid
payment.meshotet.co.il
R3		 2021-08-26 -
2021-11-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh

This page contains 15 frames:

Primary Page: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Frame ID: 0F2450217B7ADBDDEE9492DDBBB4F7BF
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&width=200&layout=button&action=like&show_faces=true&share=true&height=80&appId=405620709480777
Frame ID: 4DA0E410EC9B69102C699A65C16B3457
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Frame ID: 6820D387937BE5FDADD2048CDF68ADE4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Frame ID: 43DC74B8D1C18BE898ADDF10FA4DCB45
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Frame ID: B7945F9D75581203283ACF700F8054B1
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 35F2539AEBCD5F9E6A0C0BA27C7458C5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 359C8018F227A459DA8D915819AC3329
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: B7616176F34DB41A915FAFC88E417F3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: ABCC177AD9C6312D71004EA793A03C11
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: 3AE63631220256E37AAEA2C5BF9C8B46
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: D95CAA29C1DD7AE2604AFC9FB72DB771
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: FFF22116EB2EAC86EF9F9FD8933A09C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&adk=1812271804&adf=3025194257&lmt=1633258186&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258186132&bpp=2&bdt=1177&idt=2&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7ed8f0db93001c68-2220b859e4ca0046%3AT%3D1633258185%3ART%3D1633258185%3AS%3DALNI_MZ63UFXhQ0KOoo4RSMrniVbGFmFrA&prev_slotnames=9307384039%2C5779015096%2C7481696310&nras=1&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&psts=AGkb-H-iWyxjc2fVQJ8c2S97c_F6XRgRD_ziN85FfCw_agMNiztQYYvcS3939mt-DzhRi6P6ZGyXFnDmjQ%2CAGkb-H--wn8e8Xityfv4VCypwZb4hmpxVOQLgHrHRIuwClViNe3UvQ4OYspdA81-U5lVK3IXW214sLmcyXU%2CAGkb-H8I_4Zg6cEU68XA3Q235ju5G50C0jpoojax_NWYy86omlwCUKJy4u4qAKAhHT9qKu0DsnlBFWA2al0&pvsid=3308432056610186&pem=874&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=17
Frame ID: 862C337FE7C6540EF59A7264197D43B7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6B5E05828E24768F3BAEAF3111286EDC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80A4B14EF0708AAD0C5D05B03B2456F2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

תשלום רשיון רכב | חידוש רשיון רכב

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

75
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

781 kB
Transfer

1767 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 57
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 60
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

75 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
0f97d243c676fadb5eed75ac9b733ce2a06d1dd7f30c0f6b43b3f2f759a7fab4

Request headers

Host
payment.meshotet.co.il
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 03 Oct 2021 10:49:44 GMT
Server
Apache/6.6.6
Set-Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Pragma
no-cache
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
Content-Length
1775
Keep-Alive
timeout=2, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
site.php
payment.meshotet.co.il/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/site.php
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
55d8fc52238a44b40deef0d9b1db3e4c0fecd8d69bc1eea1852af7fb9e432f0a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Oct 2021 10:49:44 GMT
Content-Encoding
gzip
Server
Apache/6.6.6
Vary
Accept-Encoding,User-Agent
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
1266
Expires
Thu, 19 Nov 1981 08:52:00 GMT
slider.css
payment.meshotet.co.il/css/ 		0
355 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/slider.css
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Oct 2021 10:49:44 GMT
Server
Apache/6.6.6
Vary
User-Agent
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
Content-Length
0
Expires
Thu, 19 Nov 1981 08:52:00 GMT
logo.png
payment.meshotet.co.il/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/logo.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
40c361328f9928215ac5a6e82d40380caa33766097e5fa778735b3dde6de844d

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 03 Oct 2021 10:49:44 GMT
Last-Modified
Thu, 25 Oct 2012 12:40:20 GMT
Server
Apache/6.6.6
ETag
"d92-4cce1818c3500"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
3474
Expires
Tue, 02 Nov 2021 10:49:44 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ 		112 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
1db3f07e68acf7af3d77f524418fc27631f604f3d64db6d8e43cca81666883f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40447
x-xss-protection
0
server
cafe
etag
18111021241897322189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Oct 2021 10:49:45 GMT
payment_website_ext.png
payment.meshotet.co.il/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/payment_website_ext.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
33953d06239abdbd561a85c109e97629b1b01bbcfc01b910b0fc423c76f27f25

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 03 Oct 2021 10:49:44 GMT
Last-Modified
Sun, 28 Oct 2012 17:26:42 GMT
Server
Apache/6.6.6
ETag
"5c05-4cd21db32d880"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=97
Content-Length
23557
Expires
Tue, 02 Nov 2021 10:49:44 GMT
like.php
www.facebook.com/plugins/ Frame 4DA0 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&width=200&layout=button&action=like&show_faces=true&share=true&height=80&appId=405620709480777
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?href=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&width=200&layout=button&action=like&show_faces=true&share=true&height=80&appId=405620709480777
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
ct/nhd8nvG8CY7n7NQWow9+vO4OzU8ryf128J41AY4JA/BV3AMi2vd7w7gegQv8MUZDjV3F8QCCs3C88KW5N/w==
content-length
0
date
Sun, 03 Oct 2021 10:49:45 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
browsers.css
payment.meshotet.co.il/css/ 		351 B
644 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/browsers.css
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
cfbb08f37e3ee4b7f0fed7f11bc875f01212f87932f2513ac3f112f20fca44b7

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 03 Oct 2021 10:49:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2011 13:44:18 GMT
Server
Apache/6.6.6
ETag
"15f-4b1c62f0f1080-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
226
Expires
Mon, 03 Oct 2022 10:49:44 GMT
menu.php
payment.meshotet.co.il/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://payment.meshotet.co.il/css/menu.php
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
5fa4c8526fbcf45dbe2cf7f27d6bda6c3bf9d0bafbf29d356f2d7d126e91754f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Oct 2021 10:49:44 GMT
Content-Encoding
gzip
Server
Apache/6.6.6
Vary
Accept-Encoding,User-Agent
Content-Type
text/css;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
724
Expires
Thu, 19 Nov 1981 08:52:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97122
x-xss-protection
0
server
cafe
etag
2748859267989515757
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 03 Oct 2021 10:49:45 GMT
headerBG.png
payment.meshotet.co.il/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/headerBG.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
bed15b50fbf91f9873f5ede25e400ea120be329eb3252ced96aa0e9357b5f413

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 03 Oct 2021 10:49:44 GMT
Last-Modified
Thu, 25 Oct 2012 12:42:22 GMT
Server
Apache/6.6.6
ETag
"b29-4cce188d1c780"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
2857
Expires
Tue, 02 Nov 2021 10:49:44 GMT
searchSubmit.png
payment.meshotet.co.il/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/searchSubmit.png
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
f5f0c42fa13f46ee21f52fe2d05a7fa05ba53c1e0149129d168444e801523c80

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 03 Oct 2021 10:49:44 GMT
Last-Modified
Thu, 25 Oct 2012 12:51:30 GMT
Server
Apache/6.6.6
ETag
"dba-4cce1a97b9880"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=99
Content-Length
3514
Expires
Tue, 02 Nov 2021 10:49:44 GMT
btnFullScreen.jpg
payment.meshotet.co.il/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://payment.meshotet.co.il/images/btnFullScreen.jpg
Requested by
Host: payment.meshotet.co.il
URL: https://payment.meshotet.co.il/css/site.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.150.101.186 Daliyya, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
vyot.raid.co.il
Software
Apache/6.6.6 /
Resource Hash
c1fcdc9e9342175de9616247f9d335abab55479a4d2411f260ea1d48e547bd12

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
payment.meshotet.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://payment.meshotet.co.il/css/site.php
Cookie
PHPSESSID=cf7f8b4afe8b2e38b66fc70f5480ea87
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/css/site.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sun, 03 Oct 2021 10:49:44 GMT
Last-Modified
Wed, 26 Dec 2012 18:31:56 GMT
Server
Apache/6.6.6
ETag
"5ff2-4d1c5a520df00"
Content-Type
image/jpeg
Cache-Control
max-age=2592000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=2, max=100
Content-Length
24562
Expires
Tue, 02 Nov 2021 10:49:44 GMT
cookie.js
partner.googleadservices.com/gampad/ 		204 B
661 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=payment.meshotet.co.il&callback=_gfp_s_&client=ca-pub-8330060489921088
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
1d7b583ed5aa4e79e18b020773db8e35d658c4eb753e2217a8b8bc219049fc59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=payment.meshotet.co.il
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Oct 2021 10:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6820 		87 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3d474566536540ff139bb2513f0a00ebc6f5eec3c9dc436b4df8916295e75e4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 03 Oct 2021 10:49:45 GMT
server
cafe
content-length
27748
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Oct-2021 11:04:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Oct 2021 10:49:45 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 43DC 		67 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
fe19dfa4f93c5493357224dea05c8168daa0ea6745ada42adecac61030558ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 03 Oct 2021 10:49:45 GMT
server
cafe
content-length
25325
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Oct-2021 11:04:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Oct 2021 10:49:45 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B794 		93 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
b1bf5d8b45fcb763efdf27024c02b7ffeb5e106d0de99efee92c24f2432cf7cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 03 Oct 2021 10:49:45 GMT
server
cafe
content-length
29735
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 03-Oct-2021 11:04:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Oct 2021 10:49:45 GMT
cache-control
private
css
fonts.googleapis.com/ Frame 6820 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
7fc5100a04bfa41ef94b6419b3c89c9b9722476e6452c604b62310fa91dfcfc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 03 Oct 2021 09:18:45 GMT
server
ESF
date
Sun, 03 Oct 2021 10:49:45 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 03 Oct 2021 10:49:45 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 6820 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:34:23 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 6820 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:45:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 6820 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:44:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6820 		122 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 03 Oct 2021 10:49:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 6820 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:42:54 GMT
a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame 6820 		27 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sat, 01 Jan 2022 08:29:03 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6820 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cj2g2yYpZYbS0E8KN7gOD2LPABb24l7Rlkf6hkfUF9t7u444OEAEgkcXmCWD5BaABlpeu0wPIAQGpAoX8tJ-U3pQ-qAMByAPDBKoEjwJP0EJsN24_7K5c8SnV5tdiZ3Eqca24hVDXwSpco7CjVpWkd-AiHC7kyz99BlVd1YxQLizweOGZuPXTBz2qjOn7UTROq_ejg5Ar2MC_ZUSEHKiDuuMKDFbRzgUeAa21dGU5fQXj2MFaPdvwF0EOO9GUvpYpPLEI30fXPttRMxlJuEgOkVXLnM4kysIMpd9_vUVt215GHxSFrzUwDXGMmaoy-ZQvEASBiuDbnScLF5VxUzb1JMfQwootduQ4jSjd5YkBJgssQDDEtfVbX1FFUDg1W89cmY-tepPeBt_jhzEnMqfAeyL_Cgrj6gRH73Z717LURu18YhEtTBKvBojfP3JsOY6B56rB8_6WDp2EjfVLwAS8j5X7qwGSBQQIBBgBkgUECAUYBKAGUYAH0ujRLKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQhvkS0ggHCIBhEAEYX4AKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi04MzMwMDYwNDg5OTIxMDg4GAA&sigh=02hmENG_Pzk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 03 Oct 2021 10:49:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 03 Oct 2021 10:49:45 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 35F2 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 03 Oct 2021 10:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
932
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 35F2
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Oct 2021 10:49:45 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 03-Oct-2021 11:49:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Oct 2021 10:49:45 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Oct 2021 10:49:45 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6820 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
504fcf0b0ad515a768605ff7b5ec6290788f4844349f89b121edb553f99f183c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v12/ Frame 6820 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v12/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:29:55 GMT
x-content-type-options
nosniff
age
591590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27116
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:13:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 14:29:55 GMT
NGS6v5_NC0k9P9H0TbFzsQ.woff2
fonts.gstatic.com/s/heebo/v12/ Frame 6820 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v12/NGS6v5_NC0k9P9H0TbFzsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
d9b88343337412fe7e751c26f04a69320f78337bd24c0d1c1f61be58d00f0c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:19:23 GMT
x-content-type-options
nosniff
age
592222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8924
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:55:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 14:19:23 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 6820 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 19:16:07 GMT
x-content-type-options
nosniff
age
401618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 19:16:07 GMT
8206941789588133149
tpc.googlesyndication.com/daca_images/simgad/ Frame 43DC 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8206941789588133149
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
fe86c76a5240d367d1de769cc0c2d5aea9d7fd9224dc947c0a449ed6824f5517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 05:41:31 GMT
x-content-type-options
nosniff
age
277694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53542
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 04:54:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Sep 2022 05:41:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 43DC 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:45:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 43DC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:44:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 43DC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:42:54 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43DC 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 03 Oct 2021 10:49:45 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 43DC 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11096
x-xss-protection
0
server
cafe
etag
8885281346021324493
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 08:21:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 43DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CaEoGyYpZYai6E8eL7gPT96iACrH_99ZhoKDU_tQNq6u7vs0BEAEgkcXmCWD5BaABw5rCkgPIAQKoAwHIA8kEqgSNAk_QXRdqT5feSKpyaaNgywMEaKqnIMfh7PIsvxAU_KKOiilOC5TtfvM3s-Is26l3Jzex9PShQioobvRoQ25xp3ACzLstjkSODpSZKossWbub-IbV1wQdRFXDBlXwoCCmw30rQPXBD2_ZuQhDBikf1XBsCYSLZxm88HfreSFLC-YuLBAoEWt9Udtf_ScwmxjcZzd3IrYVjaNz7kUdF31AvpO7OVomwirmUK9MR0pXvLaqvsyMvhNo3xkpC3YT7GrwB9MECaxcrnGQFDkE6qAIB6HqQuhqYvWidSSpI9ngXr2t1NC4pIfD6pKb69rMdgLLovAKuuOnkGyY2NlUAMMCFEzDOQqtxfPdn1f177SBwASLgP6w7wKSBQQIBBgBkgUECAUYBKAGAoAHpeW9bagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQou8D0ggHCIBhEAEYX4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04MzMwMDYwNDg5OTIxMDg4GAA&sigh=qT4sEgHuqQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 03 Oct 2021 10:49:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
b349715971fc02f992e4cc58b88ce41f.js
www.gstatic.com/mysidia/ Frame B794 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 14:00:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3166
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Fri, 31 Dec 2021 14:00:33 GMT
css
fonts.googleapis.com/ Frame B794 		3 KB
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
7fc5100a04bfa41ef94b6419b3c89c9b9722476e6452c604b62310fa91dfcfc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 03 Oct 2021 09:33:02 GMT
server
ESF
date
Sun, 03 Oct 2021 10:49:45 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sun, 03 Oct 2021 10:49:45 GMT
5e27231aceb2c30417d4aeea800135bf.js
www.gstatic.com/mysidia/ Frame B794 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5e27231aceb2c30417d4aeea800135bf.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
221fc39f9a7a3241ddd37b347af8eb6e69f8fe1e41d70038c20c97a4959e3614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:30:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
487178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4751
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 03:50:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sun, 26 Dec 2021 19:30:07 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame B794 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
922
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:34:23 GMT
73d20653c468917643ebea5bb9d6b360.js
www.gstatic.com/mysidia/ Frame B794 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/73d20653c468917643ebea5bb9d6b360.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
4f01b4fcb2074527202f0f17975d97d454ce493027338ae3bfe0315cddafe3db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 03:01:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
373669
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2530
x-xss-protection
0
last-modified
Sun, 26 Sep 2021 02:20:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 03:01:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame B794 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
266
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:45:19 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame B794 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:44:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:44:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B794 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
server
sffe
etag
"1633087504575570"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Sun, 03 Oct 2021 10:49:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame B794 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Oct 2021 10:42:54 GMT
a05f1579543550f3e279366fb116adbd.js
www.gstatic.com/mysidia/ Frame B794 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a05f1579543550f3e279366fb116adbd.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f3.1e100.net
Software
sffe /
Resource Hash
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 08:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11147
x-xss-protection
0
last-modified
Tue, 28 Sep 2021 01:21:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Sat, 01 Jan 2022 08:29:03 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 359C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 03 Oct 2021 10:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
932
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 43DC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0f9fce076b689d6ba1e3c2d2ac96d5766c5a4cb81c4008c8b76295c93ebe56f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame B761 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=9307384039&adk=3654359874&adf=4054489202&pi=t.ma~as.9307384039&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185175&bpp=26&bdt=220&idt=88&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&correlator=1665406626697&frm=20&pv=2&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=84&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dPmsoAXqMx&p=https%3A//payment.meshotet.co.il&dtd=103
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
66321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B794 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ck_gbyYpZYZu5E87w-gbnn5SYDL24l7Rlkf6hkfUF9t7u444OEAEgkcXmCWD5BaABlpeu0wPIAQGpAoX8tJ-U3pQ-qAMByAPDBKoEmAJP0FKOS0s-n8Igfl808w5GUWHZcNhuFrBYtXUTP_8WeF5vRFqenAjZGdke6vKxka5hC264gVwYyqFJ26ycaLWeXorHeWvTWsp6gGidGgwE9YJiDjD6yRRD08x5ZvG_-ImvoSqTbarFAxppjaEL5BjxL13UHUm4IFCvyDcf2kDYRQJZkEWnvfzAu0XKZuas39Tb26pz4jl66OK6dN3vB8BPa4p83tqQgpLmQURpHHkNPQUr4JSJTHz2rrbSqFyf5F9CNFortMmg6YcoA8sVxRICmBPFrWuqSnfEuDBTJZP1G8-09YQ0IzxSCD4c-o9TWv5ZevQun1gmUc6L9RKsY5yL6plOSUNqAL6xxvXG-vTzt-EsqU3uLuzWwAS8j5X7qwGSBQQIBBgBkgUECAUYBKAGUYAH0ujRLKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQzZYQ0ggHCIBhEAEYX4AKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi04MzMwMDYwNDg5OTIxMDg4GAA&sigh=86OfbyUw96c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 03 Oct 2021 10:49:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame ABCC 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 03 Oct 2021 10:34:13 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
932
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B794 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ab9190fb83fe28a765e5e4af8b137a4f478728719603dc3a5f1c6a999d6d194

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v12/ Frame B794 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v12/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:29:55 GMT
x-content-type-options
nosniff
age
591590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27116
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:13:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 14:29:55 GMT
NGS6v5_NC0k9P9H0TbFzsQ.woff2
fonts.gstatic.com/s/heebo/v12/ Frame B794 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/heebo/v12/NGS6v5_NC0k9P9H0TbFzsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
d9b88343337412fe7e751c26f04a69320f78337bd24c0d1c1f61be58d00f0c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:19:23 GMT
x-content-type-options
nosniff
age
592222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8924
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:55:33 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 14:19:23 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame B794 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CHeebo%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 19:16:07 GMT
x-content-type-options
nosniff
age
401618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Sep 2022 19:16:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 359C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Oct 2021 10:49:46 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 03-Oct-2021 11:49:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Oct 2021 10:49:46 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Oct 2021 10:49:45 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame B794 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIAioGc2VydmVyChEIASoNYmFubmVyLW5vbG9nbwoqCAQqJm15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QKyEAAAAAAABDQDAECg0QAyEAAICZmc2AQDAECg0QCiEAAAAwMzMZQDAECg0QDSEAAAAAAAAAADAECgwQHioGNzI4eDkwMAQKDBAZKgY3Mjh4OTAwBAoNEA4hAAAAAAAAAAAwBAoNEAQhAABgZmYGgUAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAASEAwBAoNEAUhAADAzMwIgUAwBAoNEBAhAAAAAMBU3UAwBAoNEBEhAAAAAMDO0EAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAAAAAABwg0AwBBIaQ052QjJlLUlydk1DRlU2NDNnb2Q1dzhGd3ciCnRleHQvbWFjYXcoAw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5e27231aceb2c30417d4aeea800135bf.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 03 Oct 2021 10:49:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 3AE6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=600&slotname=5779015096&adk=2105329952&adf=2664654941&pi=t.ma~as.5779015096&w=160&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185203&bpp=6&bdt=248&idt=81&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=320&ady=177&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=5nHtcSs0of&p=https%3A//payment.meshotet.co.il&dtd=83
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
66321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame ABCC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Oct 2021 10:49:45 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 03-Oct-2021 11:49:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 03 Oct 2021 10:49:45 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Oct 2021 10:49:45 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame D95C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&h=90&slotname=7481696310&adk=1358332770&adf=2681553333&pi=t.ma~as.7481696310&w=728&lmt=1633258185&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258185211&bpp=2&bdt=256&idt=76&shv=r20210928&mjsv=m202109270101&ptt=5&saldr=sa&abxe=1&prev_slotnames=9307384039%2C5779015096&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=552&ady=882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&pvsid=3308432056610186&pem=874&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=0NFRJVPXZt&p=https%3A//payment.meshotet.co.il&dtd=79
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
66322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
306a4bfd44a3d49f7bf124992a7fbcd053fe1670a812306c1812608f73c855b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50834
x-xss-protection
0
server
cafe
etag
10144551912283205218
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 03 Oct 2021 10:49:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
be366b6a0ddcd4fdae120151dea76b92aca4b813a9937c229e31dd5eafc21b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Oct 2021 10:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8542
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 03 Oct 2021 10:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sun, 03 Oct 2021 10:49:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B794 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgoIAioGc2VydmVyChEIASoNYmFubmVyLW5vbG9nbwoqCAQqJm15c2lkaWFfYW5hbHl0aWNzLG15c2lkaWFfcmVsZWFzZV9wcm9kCg0QFCEAAAAAwNjyQDAECg0QFSEAAAAAAAAuQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAMDMzACHQDAEEhpDTnZCMmUtSXJ2TUNGVTY0M2dvZDV3OEZ3dyIKdGV4dC9tYWNhdygD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/5e27231aceb2c30417d4aeea800135bf.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 03 Oct 2021 10:49:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame FFF2 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 02 Oct 2021 23:06:38 GMT
expires
Sat, 16 Oct 2021 23:06:38 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
42188
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=payment.meshotet.co.il
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 03 Oct 2021 10:49:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 862C 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8330060489921088&output=html&adk=1812271804&adf=3025194257&lmt=1633258186&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258186132&bpp=2&bdt=1177&idt=2&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7ed8f0db93001c68-2220b859e4ca0046%3AT%3D1633258185%3ART%3D1633258185%3AS%3DALNI_MZ63UFXhQ0KOoo4RSMrniVbGFmFrA&prev_slotnames=9307384039%2C5779015096%2C7481696310&nras=1&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&psts=AGkb-H-iWyxjc2fVQJ8c2S97c_F6XRgRD_ziN85FfCw_agMNiztQYYvcS3939mt-DzhRi6P6ZGyXFnDmjQ%2CAGkb-H--wn8e8Xityfv4VCypwZb4hmpxVOQLgHrHRIuwClViNe3UvQ4OYspdA81-U5lVK3IXW214sLmcyXU%2CAGkb-H8I_4Zg6cEU68XA3Q235ju5G50C0jpoojax_NWYy86omlwCUKJy4u4qAKAhHT9qKu0DsnlBFWA2al0&pvsid=3308432056610186&pem=874&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=17
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109270101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8330060489921088&output=html&adk=1812271804&adf=3025194257&lmt=1633258186&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpayment.meshotet.co.il%2Fpay%2F%25D7%25A8%25D7%25A9%25D7%2599%25D7%2595%25D7%259F-%25D7%25A8%25D7%259B%25D7%2591%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633258186132&bpp=2&bdt=1177&idt=2&shv=r20210928&mjsv=m202109270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7ed8f0db93001c68-2220b859e4ca0046%3AT%3D1633258185%3ART%3D1633258185%3AS%3DALNI_MZ63UFXhQ0KOoo4RSMrniVbGFmFrA&prev_slotnames=9307384039%2C5779015096%2C7481696310&nras=1&correlator=1665406626697&frm=20&pv=1&ga_vid=1349192540.1633258185&ga_sid=1633258185&ga_hid=1911035751&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44751037%2C31062938&oid=2&psts=AGkb-H-iWyxjc2fVQJ8c2S97c_F6XRgRD_ziN85FfCw_agMNiztQYYvcS3939mt-DzhRi6P6ZGyXFnDmjQ%2CAGkb-H--wn8e8Xityfv4VCypwZb4hmpxVOQLgHrHRIuwClViNe3UvQ4OYspdA81-U5lVK3IXW214sLmcyXU%2CAGkb-H8I_4Zg6cEU68XA3Q235ju5G50C0jpoojax_NWYy86omlwCUKJy4u4qAKAhHT9qKu0DsnlBFWA2al0&pvsid=3308432056610186&pem=874&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=17
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 03 Oct 2021 10:49:46 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6B5E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 03 Oct 2021 01:05:56 GMT
expires
Mon, 03 Oct 2022 01:05:56 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35030
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 80A4 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
c44af7711c8439fb9f7ae0347a0b542fe947c9a26d801182d93798e5ef227388
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-C/dNPmEXjPQBNqQFfgp4gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://payment.meshotet.co.il/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sun, 03 Oct 2021 10:49:46 GMT
date
Sun, 03 Oct 2021 10:49:46 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-C/dNPmEXjPQBNqQFfgp4gw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 6B5E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 16:24:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
66322
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sun, 02 Oct 2022 16:24:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 80A4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=3308432056610186&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=3308432056610186&bg=!3N-l35vNAAZE-GIIRPg7ACkAdvg8WgF43Qrect-gnoE-i1SQeiF8yceF9OnJ0Ny5Rp8jGAmGW9qFMQIAAABfUgAAAAtoAQeZArQA3p97YDidAvFPRYux5pKlgZma3dnCiX9mxo7mHQL4VfW0mVhzYfslsDTizMsAoMu98p0PGq6GeDrc7As6u86uIk8vfw7TXvtdYJWaA7v7NKi-mRbkMCAvTbeuOuYCJxmbk5csiFROhZWuvzqPm5lc0PnDKNL2Hum1i5ACQ0Nuf2_DgKIEnanYBkTfKziKHTfTbxcIOYKwP7bpaqxTXsZ9uMOSZK6JH3AExothMJ5aOcmh-5e9CB5iLFZdHwBEEWVS3FK7C1Jxx5jzMdZuNdPS4o4cN-fuC7FqAZAFH1FNeAq1QwY9ZXa8wKvZw_IxMK2We4qGCkMGh4B8X9lORaEYmwTd0MzGlxnfzP8PSSkXN96hbdtASqCmwAB3oHD-NutsbsuMDmb2YVAZQSht7wPJJOuXTftq14PTc6Te6eb9olpSY3WverqYhFfG5rsD_GHHwlXLBkDzOlkAKPXfQ5H_s5DNR0fvSJt_TJHwPNbkm83F3dvdMmlMYhMaANmjLbjCw4Waxm_lWm3UOKjP8sxzTHsanRZuwePLUVT3ITMnG8mE91DwdrFVnwOS7h7xgPWsUT9wjtiDwNvF1zNbBm5AkT8LmckERp-o8XGXSPhaDiZ61d7T1OkTnbud5sQ2xl9rv-JZnc1M0FyFCqUT8oyd-W9xtHBtCSu-S49Y55C4PI6Fqwvg0ucM19Bxz31peaucBWABFrBYoPavxJG1b2TuDCcSvVfI_zZTd6FMdGcPRONJ8QbueGUvflZeEejlgb5mhKt0wUudXPLhEiHp9ln3Oft2KahCXuAY0G0ipGUagEWPdBC4jQZ3Vl9Z0oHy-aFDliIyUsFyFmky_ViDenlsf--oM8jfVGH4vo6nsoy3AhQlauzjg0NNE4CykR5MKIEEW24ADj9sgT5MG9WI9Ssx73ngXw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://payment.meshotet.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 6820 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbCy_39zQzswC-I-9W56gOmFxlHrUB0v2RJ95F2Nt8rjvFsdjvJCmCx80muPGj20LdUAN7gVGECoANCz51Zva5yUZSK76enfhzbp8ylR0A58OJbLo&sai=AMfl-YSwxN5KtOhBBG7q-ckx-mRw8chCeqryBKg-rCL5OePnHk9svlvuZlj3obmOPeHvU4T9VhHjapKiVhpV&sig=Cg0ArKJSzFifZNm-5tsLEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3654359874&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633258185280&rpt=496
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Oct 2021 10:49:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 43DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvo9vRdjcXUIdM0vuGgi7fMexlGvdifgEATkujXaUReJ1gt8RlRzHhIlTfoZlnUfO8p1AM0iJOJj7vy7_S0xi8nOFhmX1r6tTsHDTE1qUC5Du4wWc8&sai=AMfl-YTAPWC7Zm5e3jawaoVUhVOYfL8qmwLIQt9HsfPRXHyg4Oxw5I1zPLkPSf8Qx3AVdJZrrh-9XcmdTYHh&sig=Cg0ArKJSzF6L1klqf75wEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2105329952&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633258185287&rpt=533
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Oct 2021 10:49:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B794 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsta9t9cVrd_Fu8nC0gaJskd9nqj82WJexI6_OU4n0eWzDrurbp4TCTKn_Iay5YtW899RyLArpMrwy3IDWdl44jHAmH4zyKdRjeiIrWrv3RyRGOOZGg&sai=AMfl-YTMI9btlte9ciTz6rEnt0XAwPG9GFLMeznyUsRdqNFz4MKBFxeXLHzki5KY-Pm6rr08ixql74T7HgU8&sig=Cg0ArKJSzMRibm4EWl8CEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211001&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1358332770&rs=2&met=mue&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633258185291&rpt=736
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Oct 2021 10:49:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect boolean| originAgentCluster object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map function| gtag object| dataLayer string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| adsbygoogle object| GoogleGcLKhOms function| google_spfd object| google_image_requests

5 Cookies

Domain/Path Name / Value
payment.meshotet.co.il/ Name: PHPSESSID
Value: cf7f8b4afe8b2e38b66fc70f5480ea87
.meshotet.co.il/ Name: __gads
Value: ID=7ed8f0db93001c68-2220b859e4ca0046:T=1633258185:RT=1633258185:S=ALNI_MZ63UFXhQ0KOoo4RSMrniVbGFmFrA
.doubleclick.net/ Name: IDE
Value: AHWqTUlb2GgRnhdJu7mu6lQqiRRfBOvwJhaSTp_5h75Krkk8XAbrewow51lgFrueh54
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
security error URL: https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/(Line 53)
Message:
Mixed Content: The page at 'https://payment.meshotet.co.il/pay/%D7%A8%D7%A9%D7%99%D7%95%D7%9F-%D7%A8%D7%9B%D7%91/' was loaded over HTTPS, but requested an insecure frame 'http://ecom.gov.il/Voucher/InputPage.aspx?vid=260&lng=he'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
payment.meshotet.co.il
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.184.202
142.250.185.129
142.250.185.164
142.250.185.66
142.250.186.162
142.250.186.66
142.250.186.67
142.250.186.98
157.240.236.35
172.217.16.130
172.217.16.131
212.150.101.186
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
0f97d243c676fadb5eed75ac9b733ce2a06d1dd7f30c0f6b43b3f2f759a7fab4
1264ac64e82702e03cd71fbea5dfc8137bbca7ae8c33df94955f3f47add9e61f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d7b583ed5aa4e79e18b020773db8e35d658c4eb753e2217a8b8bc219049fc59
1db3f07e68acf7af3d77f524418fc27631f604f3d64db6d8e43cca81666883f9
221fc39f9a7a3241ddd37b347af8eb6e69f8fe1e41d70038c20c97a4959e3614
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
306a4bfd44a3d49f7bf124992a7fbcd053fe1670a812306c1812608f73c855b0
33953d06239abdbd561a85c109e97629b1b01bbcfc01b910b0fc423c76f27f25
3d474566536540ff139bb2513f0a00ebc6f5eec3c9dc436b4df8916295e75e4b
40c361328f9928215ac5a6e82d40380caa33766097e5fa778735b3dde6de844d
4f01b4fcb2074527202f0f17975d97d454ce493027338ae3bfe0315cddafe3db
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
504fcf0b0ad515a768605ff7b5ec6290788f4844349f89b121edb553f99f183c
55d8fc52238a44b40deef0d9b1db3e4c0fecd8d69bc1eea1852af7fb9e432f0a
5ab9190fb83fe28a765e5e4af8b137a4f478728719603dc3a5f1c6a999d6d194
5fa4c8526fbcf45dbe2cf7f27d6bda6c3bf9d0bafbf29d356f2d7d126e91754f
6cd4fdef93aef355d2c534bc7de3d08d9723234a1b0cf6161652193f34e4f820
7fc5100a04bfa41ef94b6419b3c89c9b9722476e6452c604b62310fa91dfcfc8
867ff39044c47d580bde0bfc1e95bfcc25c21738c79351591641a83a56dc6d3f
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
94cfe0e7f05a53a4381439225e7467af76d1b3e3c7969c04f2fd0756e4b69209
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a672e695dab08ffadbea7f0e77f1a723eefff684ae0cdabe2ca3b7a141554c3e
ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb
b1bf5d8b45fcb763efdf27024c02b7ffeb5e106d0de99efee92c24f2432cf7cf
be366b6a0ddcd4fdae120151dea76b92aca4b813a9937c229e31dd5eafc21b4c
bed15b50fbf91f9873f5ede25e400ea120be329eb3252ced96aa0e9357b5f413
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c1fcdc9e9342175de9616247f9d335abab55479a4d2411f260ea1d48e547bd12
c44af7711c8439fb9f7ae0347a0b542fe947c9a26d801182d93798e5ef227388
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cfbb08f37e3ee4b7f0fed7f11bc875f01212f87932f2513ac3f112f20fca44b7
d9b88343337412fe7e751c26f04a69320f78337bd24c0d1c1f61be58d00f0c92
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f9fce076b689d6ba1e3c2d2ac96d5766c5a4cb81c4008c8b76295c93ebe56f
f5f0c42fa13f46ee21f52fe2d05a7fa05ba53c1e0149129d168444e801523c80
fe19dfa4f93c5493357224dea05c8168daa0ea6745ada42adecac61030558ed9
fe86c76a5240d367d1de769cc0c2d5aea9d7fd9224dc947c0a449ed6824f5517