urlscan.io logo urlscan.io
SecurityTrails logo

salat.zahav.ru Open in urlscan Pro
143.204.215.50  Public Scan

Go To Rescan Add Verdict Report
URL: https://salat.zahav.ru/
Submission: On July 24 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 11 countries across 68 domains to perform 515 HTTP transactions. The main IP is 143.204.215.50, located in United States and belongs to AMAZON-02, US. The main domain is salat.zahav.ru.
TLS certificate: Issued by R3 on June 25th 2022. Valid for: 3 months.
This is the only time salat.zahav.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 143.204.215.50 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:215... 16509 (AMAZON-02)
16 143.204.89.74 16509 (AMAZON-02)
8 104.16.221.74 13335 (CLOUDFLAR...)
53 172.217.18.2 15169 (GOOGLE)
1 205.185.216.42 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:303... 13335 (CLOUDFLAR...)
7 91.226.245.88 56839 (DABLTECH)
1 2a04:4e42:200... 54113 (FASTLY)
6 88.221.169.78 16625 (AKAMAI-AS)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 34.235.205.35 14618 (AMAZON-AES)
1 2606:4700:440... 13335 (CLOUDFLAR...)
21 95.101.201.170 16625 (AKAMAI-AS)
1 18.66.97.73 16509 (AMAZON-02)
6 99.86.4.77 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.206.27 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 12 185.89.211.132 29990 (ASN-APPNEX)
6 35.244.159.8 15169 (GOOGLE)
1 147.75.85.234 54825 (PACKET)
7 2602:803:c004... 26667 (RUBICONPR...)
1 178.250.0.165 44788 (ASN-CRITE...)
2 51.75.86.98 16276 (OVH)
2 213.227.153.221 60781 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f02... 32934 (FACEBOOK)
1 142.250.186.166 15169 (GOOGLE)
1 143.204.101.193 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
3 151.101.114.132 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
5 18.66.122.74 16509 (AMAZON-02)
7 70.42.32.63 13789 (INTERNAP-...)
1 10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 104.16.199.73 13335 (CLOUDFLAR...)
4 52.18.251.16 16509 (AMAZON-02)
57 2a00:1450:400... 15169 (GOOGLE)
13 41 142.250.186.130 15169 (GOOGLE)
6 14 104.18.19.126 13335 (CLOUDFLAR...)
2 184.24.1.49 16625 (AKAMAI-AS)
2 88.221.168.201 16625 (AKAMAI-AS)
1 11 104.22.69.131 13335 (CLOUDFLAR...)
45 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:214... 16509 (AMAZON-02)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 2 3.120.80.21 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
4 4 37.157.2.238 198622 (ADFORM)
1 35.186.253.211 15169 (GOOGLE)
5 5 213.19.147.44 26120 (RHYTHMONE)
8 142.250.185.66 15169 (GOOGLE)
2 213.202.235.8 24961 (MYLOC-AS ...)
16 34.215.167.117 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 169.50.137.184 36351 (SOFTLAYER)
2 2 35.190.0.66 15169 (GOOGLE)
2 2 18.157.156.229 16509 (AMAZON-02)
3 3 104.18.18.126 13335 (CLOUDFLAR...)
3 3 72.251.249.13 29791 (VOXEL-DOT...)
1 66.155.71.149 13768 (COGECO-PEER1)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
1 1 103.229.205.242 30419 (MEDIAMATH...)
2 185.64.190.78 62713 (AS-PUBMATIC)
12 2a00:1450:400... 15169 (GOOGLE)
2 142.250.184.226 15169 (GOOGLE)
2 185.64.189.112 62713 (AS-PUBMATIC)
9 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 104.92.74.8 16625 (AKAMAI-AS)
1 151.101.193.108 54113 (FASTLY)
1 1 23.213.161.68 20940 (AKAMAI-ASN1)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 65.9.66.63 16509 (AMAZON-02)
4 4 69.173.144.139 26667 (RUBICONPR...)
1 4 69.173.144.138 26667 (RUBICONPR...)
1 35.71.131.137 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 209.54.182.161 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 185.86.137.110 201081 (SMARTADSE...)
2 2 52.17.116.244 16509 (AMAZON-02)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 ()
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 178.250.0.162 44788 (ASN-CRITE...)
515 84
17    143.204.215.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-50.fra53.r.cloudfront.net
salat.zahav.ru
8    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:2156:c000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
16    143.204.89.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-74.fra50.r.cloudfront.net
images.wcdn.co.il
8    104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
cdn.idealmedia.io
servicer.idealmedia.io
cm.idealmedia.io
autocounter.idealmedia.io
53    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2606:4700:3036::6815:43eb (United States)

ASN13335 (CLOUDFLARENET, US)
pogoda.co.il
7    91.226.245.88 (Israel)

ASN56839 (DABLTECH, IL)
PTR: dabltech.co.il
date.zahav.ru
1    2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
6    88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.235.205.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-205-35.compute-1.amazonaws.com
ping.chartbeat.net
1    2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
21    95.101.201.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-201-170.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    18.66.97.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-73.fra56.r.cloudfront.net
ecdn.analysis.fi
6    99.86.4.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-77.fra6.r.cloudfront.net
ecdn.firstimpression.io
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.222.206.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-27.fra56.r.cloudfront.net
d2xerlamkztbb1.cloudfront.net
4    2a00:1450:4001:806::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
12    185.89.211.132 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
firstimpression-d.openx.net
1    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
7    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
2    213.227.153.221 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce14.ams-01.nl.leaseweb.net
b1h-euc1.zemanta.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
1    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
1    143.204.101.193 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-193.fra50.r.cloudfront.net
d221oziut8gs4d.cloudfront.net
13    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
3    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    18.66.122.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-74.fra60.r.cloudfront.net
cdn.firstimpression.io
7    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
log.outbrainimg.com
mcdp-nydc1.outbrain.com
10    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
8    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.idealmedia.io
4    52.18.251.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-251-16.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
57    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
41    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
14    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
htlb.casalemedia.com
2    184.24.1.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-1-49.deploy.static.akamaitechnologies.com
sync.teads.tv
2    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
11    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
45    2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2600:9000:214f:1200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    3.120.80.21 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-80-21.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    213.19.147.44 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
2    213.202.235.8 (Herrischried, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
16    34.215.167.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-167-117.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    18.157.156.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-156-229.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    2a05:d018:d29:3601:2eab:9250:340e:ef2b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
12    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
ade.googlesyndication.com
2    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
9    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    23.213.161.68 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-68.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    65.9.66.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-63.fra56.r.cloudfront.net
outbid.firstimpression.io
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    52.17.116.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-116-244.eu-west-1.compute.amazonaws.com
ice.360yield.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    (None, )

ASN- ()
da76572e-964e-41ad-5eb1-41ad964eda76
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
Apex Domain
Subdomains		 Transfer
118 googlesyndication.com
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
ade.googlesyndication.com — Cisco Umbrella Rank: 288
4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
764 KB
75 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211
ad.doubleclick.net — Cisco Umbrella Rank: 202
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296
722 KB
45 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
995 KB
24 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 570
static.adsafeprotected.com — Cisco Umbrella Rank: 559
dt.adsafeprotected.com — Cisco Umbrella Rank: 499
191 KB
24 zahav.ru
salat.zahav.ru
date.zahav.ru — Cisco Umbrella Rank: 527471
510 KB
22 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3597
log.outbrainimg.com — Cisco Umbrella Rank: 1849
images.outbrainimg.com — Cisco Umbrella Rank: 1933
123 KB
17 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460
htlb.casalemedia.com — Cisco Umbrella Rank: 553
14 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 516
eus.rubiconproject.com — Cisco Umbrella Rank: 598
token.rubiconproject.com — Cisco Umbrella Rank: 703
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
20 KB
16 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 89037
c.idealmedia.io — Cisco Umbrella Rank: 80862
cdn.idealmedia.io — Cisco Umbrella Rank: 151749
servicer.idealmedia.io — Cisco Umbrella Rank: 92567
s-img.idealmedia.io — Cisco Umbrella Rank: 80788
cm.idealmedia.io — Cisco Umbrella Rank: 16010
autocounter.idealmedia.io — Cisco Umbrella Rank: 105183
180 KB
16 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 93694
126 KB
15 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1117
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2540
odb.outbrain.com — Cisco Umbrella Rank: 1273
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5100
mv.outbrain.com — Cisco Umbrella Rank: 3003
137 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 96
www.google.com — Cisco Umbrella Rank: 10
3 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 234
acdn.adnxs.com — Cisco Umbrella Rank: 566
29 KB
13 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 18341
cdn.firstimpression.io — Cisco Umbrella Rank: 18721
outbid.firstimpression.io — Cisco Umbrella Rank: 39664
474 KB
11 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 397
mug.criteo.com — Cisco Umbrella Rank: 2751
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13433
ads.eu.criteo.com — Cisco Umbrella Rank: 7319
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9222
28 KB
11 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 4954
static.smilewanted.com — Cisco Umbrella Rank: 10367
19 KB
10 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
csm.eu.criteo.net — Cisco Umbrella Rank: 7348
108 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
324 KB
7 openx.net
u.openx.net — Cisco Umbrella Rank: 718
us-u.openx.net — Cisco Umbrella Rank: 391
rtb.openx.net — Cisco Umbrella Rank: 1686
firstimpression-d.openx.net — Cisco Umbrella Rank: 47791
1 KB
6 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 485
image6.pubmatic.com — Cisco Umbrella Rank: 634
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 505
88 KB
6 pogoda.co.il
pogoda.co.il — Cisco Umbrella Rank: 470573
10 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
ads.yahoo.com — Cisco Umbrella Rank: 1462
3 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 8252
www.google.de — Cisco Umbrella Rank: 5701
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 606
2 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 69033
122 B
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
2 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 699
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1167
mab.chartbeat.com — Cisco Umbrella Rank: 1878
25 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 508
1 KB
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1794
644 B
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1510
417 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4184
sync-eu.connectad.io — Cisco Umbrella Rank: 3163
897 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 632
727 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 400
946 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
2 KB
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12988
566 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 824
r.turn.com — Cisco Umbrella Rank: 2958
869 B
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 13263
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1214
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 640
893 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 792
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1090
794 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 939
344 B
2 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 27430
7 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 811
361 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2656
24 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 424
11 KB
2 cloudfront.net
d2xerlamkztbb1.cloudfront.net
d221oziut8gs4d.cloudfront.net
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
1
function sub() { [native code] }.
105 KB
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 622
98 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
924 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
265 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 633
651 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 474
862 B
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 579
191 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 850
711 B
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 564
5 KB
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1317
275 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 22548
5 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1311
5 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 988
201 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
9 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
58 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 101593
262 KB
0 advertising.com Failed
sync.adaptv.advertising.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
515 68
Domain Requested by
57 tpc.googlesyndication.com 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
salat.zahav.ru
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
da76572e-964e-41ad-5eb1-41ad964eda76
51 pagead2.googlesyndication.com www.googletagservices.com
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
s0.2mdn.net
securepubads.g.doubleclick.net
45 s0.2mdn.net salat.zahav.ru
s0.2mdn.net
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
41 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
20 images.outbrainimg.com salat.zahav.ru
17 salat.zahav.ru salat.zahav.ru
16 dt.adsafeprotected.com 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
16 images.wcdn.co.il salat.zahav.ru
14 securepubads.g.doubleclick.net www.googletagservices.com
salat.zahav.ru
securepubads.g.doubleclick.net
ecdn.firstimpression.io
da76572e-964e-41ad-5eb1-41ad964eda76
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
12 ib.adnxs.com 3 redirects cdn.valuad.cloud
googleads.g.doubleclick.net
ecdn.firstimpression.io
acdn.adnxs.com
csync.smilewanted.com
10 googleads.g.doubleclick.net 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
salat.zahav.ru
10 www.google.com 1 redirects salat.zahav.ru
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
tpc.googlesyndication.com
9 static.criteo.net cdn.valuad.cloud
static.criteo.net
ads.eu.criteo.com
9 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
8 googleads4.g.doubleclick.net salat.zahav.ru
8 s-img.idealmedia.io salat.zahav.ru
8 www.googletagservices.com salat.zahav.ru
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
da76572e-964e-41ad-5eb1-41ad964eda76
7 fastlane.rubiconproject.com cdn.valuad.cloud
ecdn.firstimpression.io
7 date.zahav.ru salat.zahav.ru
date.zahav.ru
6 mcdp-nydc1.outbrain.com widgets.outbrain.com
6 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 ecdn.firstimpression.io salat.zahav.ru
ecdn.firstimpression.io
6 pogoda.co.il salat.zahav.ru
pogoda.co.il
static.cloudflareinsights.com
5 cdn.firstimpression.io ecdn.firstimpression.io
5 widgets.outbrain.com salat.zahav.ru
widgets.outbrain.com
4 pixel.rubiconproject.com 1 redirects csync.smilewanted.com
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 c1.adform.net 4 redirects
4 static.adsafeprotected.com pixel.adsafeprotected.com
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
4 pixel.adsafeprotected.com 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 s.amazon-adsystem.com 2 redirects
3 mug.criteo.com
3 ap.lijit.com 3 redirects
3 ssum-sec.casalemedia.com 3 redirects
3 sync.1rx.io 3 redirects
2 sync.search.spotxchange.com 2 redirects
2 ice.360yield.com 2 redirects
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 outbid.firstimpression.io ecdn.firstimpression.io
2 creativecdn.com 2 redirects
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 firstimpression-d.openx.net ecdn.firstimpression.io
2 htlb.casalemedia.com ecdn.firstimpression.io
2 hbopenbid.pubmatic.com ecdn.firstimpression.io
2 ade.googlesyndication.com
2 image6.pubmatic.com 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
ads.pubmatic.com
2 ups.analytics.yahoo.com 2 redirects
2 eb2.3lift.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 x.bidswitch.net 2 redirects
2 ads.travelaudience.com 2 redirects
2 m.exactag.com 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
2 sync.targeting.unrulymedia.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pm.w55c.net 2 redirects
2 cms.quantserve.com 1 redirects 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
2 static.smilewanted.com csync.smilewanted.com
2 ads.pubmatic.com cdn.valuad.cloud
csync.smilewanted.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 cm.idealmedia.io jsc.idealmedia.io
2 odb.outbrain.com widgets.outbrain.com
2 b1h-euc1.zemanta.com cdn.valuad.cloud
2 onetag-sys.com cdn.valuad.cloud
2 u.openx.net cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 cdn.jsdelivr.net cdn.valuad.cloud
ecdn.firstimpression.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 jsc.idealmedia.io salat.zahav.ru
jsc.idealmedia.io
2 static.chartbeat.com salat.zahav.ru
1 csm.eu.criteo.net ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com 4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com salat.zahav.ru
1 da76572e-964e-41ad-5eb1-41ad964eda76 securepubads.g.doubleclick.net
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io csync.smilewanted.com
1 id.rlcdn.com
1 px.ads.linkedin.com
1 ads.yahoo.com
1 match.adsrvr.org
1 ads.stickyadstv.com 1 redirects
1 acdn.adnxs.com cdn.valuad.cloud
1 sync.mathtag.com 1 redirects
1 pixel-sync.sitescout.com 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 r.turn.com 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 rtb.openx.net 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
1 mv.outbrain.com widgets.outbrain.com
1 autocounter.idealmedia.io salat.zahav.ru
1 www.google.de salat.zahav.ru
1 log.outbrainimg.com widgets.outbrain.com
1 servicer.idealmedia.io jsc.idealmedia.io
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.idealmedia.io salat.zahav.ru
1 c.idealmedia.io jsc.idealmedia.io
1 d221oziut8gs4d.cloudfront.net d2xerlamkztbb1.cloudfront.net
1 ad.doubleclick.net salat.zahav.ru
1 static.xx.fbcdn.net www.facebook.com
1 bidder.criteo.com cdn.valuad.cloud
1 prebid.a-mo.net cdn.valuad.cloud
1 d2xerlamkztbb1.cloudfront.net salat.zahav.ru
1 ecdn.analysis.fi salat.zahav.ru
1 widget-pixels.outbrain.com salat.zahav.ru
1 tcheck.outbrainimg.com widgets.outbrain.com
1 static.cloudflareinsights.com pogoda.co.il
1 ping.chartbeat.net salat.zahav.ru
1 www.facebook.com salat.zahav.ru
1 mab.chartbeat.com static.chartbeat.com
1 www.googletagmanager.com salat.zahav.ru
1 cdn.valuad.cloud salat.zahav.ru
0 sync.adaptv.advertising.com Failed 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
0 google2waycm.netmng.com Failed 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
0 prebid.smilewanted.com Failed cdn.valuad.cloud
515 121
Subject Issuer Validity Valid
zahav.ru
R3		 2022-06-25 -
2022-09-23		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
valuad.cloud
E1		 2022-07-02 -
2022-09-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
date.zahav.ru
R3		 2022-05-21 -
2022-08-19		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-05-02 -
2022-07-31		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
analysis.fi
Amazon		 2021-12-04 -
2023-01-01		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2021-11-21 -
2022-12-05		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.a-mo.net
R3		 2022-07-04 -
2022-10-02		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-07-22 -
2022-10-19		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-05-27 -
2022-08-25		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-12 -
2022-09-12		 3 months crt.sh

This page contains 66 frames:

Primary Page: https://salat.zahav.ru/
Frame ID: CA8AC6FEBDEE8FABB23870E6EC947158
Requests: 150 HTTP requests in this frame

Frame: https://pogoda.co.il/widgets/partners/zahav.html
Frame ID: 7F3302346DCD590CBBEB7E318A2E8D97
Requests: 7 HTTP requests in this frame

Frame: https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Frame ID: E554D1A0BA1EB79CF5B55944FF7E00F4
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fzahav.ru&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false
Frame ID: 502D7559A7A59F11DB0BD92C6CCB291A
Requests: 2 HTTP requests in this frame

Frame: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E7816D115ED3E3B89352C77A816FC514
Requests: 1 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=165866760142083547788
Frame ID: 94F5CE8FE9ABB34F05999AA73876695A
Requests: 1 HTTP requests in this frame

Frame: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 58CE45DDF2026CD45B5F528F3D6EDB86
Requests: 30 HTTP requests in this frame

Frame: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A3CC4F1DC40BE2FBFAEFA070CB53FFB
Requests: 15 HTTP requests in this frame

Frame: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F72F4F7A7276192553FAA93ED7023C1
Requests: 15 HTTP requests in this frame

Frame: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 99180F5E76EF3ACB7AC102A256B5F3AC
Requests: 8 HTTP requests in this frame

Frame: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8917435FD3C3E2C73B13956D637CC759
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YicvQEwAQ&v=APEucNWJNFERvv9mF_D1Znz_lOPIDZ0Uer_OlQBoEkSyRExWBEcDycZIsG3JzxDpyzGmukV7PeZSC6bywD8InfFwJFqUoXIkwqzJ3brSlZRDwlUCaCxG_iLDHpmw4DfYzsIJRbDnkqDzJxS7lkK1jNqhFRno_WBKyLVJNEOCbyKFhdH0ibgqmWQ
Frame ID: 2748B2117511BF66DE11907E9020CFCA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYr4CcvQEwAQ&v=APEucNVdJZ4l5K1GMI0qhzi2pOpronKkxmJQEEQqfA4HQphWaHKaAxf3qdOUDaDEJRxk17cxSZ3Q8PdkTbjsNo1IlNzAcQOsu3TRDg_D5KxpYEIdvxDBW4W4ClaEf4L-aw2kfi5s8uy8spm_nVRGppAxAsuM-aHq-ci3GSnn9lX5NMktJE5kLpQ
Frame ID: D2B3B3C2D30CBAFB9B3878B3151EF241
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Frame ID: 5168FEEF4C773150988E2F475564C7C3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNWsK8X576qL7_ojVAx0aKddQ7RXQMnYxIEqMuHjBI7chkERW0aXNN0etyzxN_CsfF5n2BsM2hm8_iY3tZFDOEDCXxr6yOq04Am-h2IBK6WTl8OFnpgyx4ypIB4If3-EOFHGkRFotFuTdBFvh_PCPcM3QMmEI-nzyijqfXzb5DYLz9ardWU
Frame ID: A104916E3BEC4A1CFF81894ABCE4FFC4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNVo3JHwVVBOvE0CGXpd8dFSHxymxJDU6ISH2ROoqepwToaRnH-rcQ1qgnXjH_tHh93gLg066FlXmGFp07q79YwVcCcuIAK_fFjBzZas-Ke4SYq7fSZDtRKDrokm4iWjHBGip3sL1TPdSLGp7KDL0E_uqPdrhL9BPitjcW7VD6ta-2lZ1Ic
Frame ID: D6E2AFEA943FB7751A91CF15A53C7119
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 82CBAD02A5327FA2005D0D15F77B7C34
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 35301DE79ED14F8397DF1FF9641AD511
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8073D6135CA677AA58520C1541472E2C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2B737BB751FCFB64485E0E5C23448A38
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3FB957CB63B4E06B2431FDFC459C2D6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BAC7B2A4E833127832A24B5F33B2EFE3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B78ED5EF2407E623A2ACCB7EE4BAAE0A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
Frame ID: 985B99E564A22029FE03C22DB948F0F8
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
Frame ID: A4A2D2B0170596CEBBFB27E095F6DB31
Requests: 13 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 8D02D2E444BF092251D8A562C0C57C02
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B160220E050BDD3B0E70032D90B06C59
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
Frame ID: 49714858692327A61A43878116BDBA81
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0C130B662EC67054528AE90E05962FAA
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 473C88B955E5FA4D18B4DBB299FCCC1C
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
Frame ID: 8B5561977B222130F4D0096C817792F5
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: A434A46D159E79ECDB3AE8B626DBFC34
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: A8F78E0F26839930E9E87922E66B6C47
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 230102393407853A97E8A73B2F302E71
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Frame ID: 2EA32EF56A32F45ABF97A7D7EE29A21A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D37E7ACE1A6649B3119311226A271262
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 47635DDFE95AD6DF9BE62812B96813A8
Requests: 2 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 77E0BF2B0531CEEBFAF2E6C8F1355907
Requests: 19 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 1F79BEFC76CFCD60F9EC2128D92C5109
Requests: 18 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=salat.zahav.ru
Frame ID: 1B1ABFE9E722FD4D15C13A0BE719FD35
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: CD6F3C521CB4B44C1606C800F7B99782
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1658667601191
Frame ID: BE6AE0C906F1A63BBEDC4135F7983DFC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 28EDC25E98FDEA179D336529705DBD9B
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: CA480C9392E7AC8FC9A17DDC1581421D
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 4DA4CFECC72860CB84479A2947630415
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: E619C78AE509733BD233479832C70DB1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/31b239938315f8254fd6ad27789a3ec6
Frame ID: 30C7FCA8897369229D726B2AE7ECDD62
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ZXPyV2KdM2fsUST8fIzP?pi=smilewanted&tc=1
Frame ID: C14861151123A6ED1D20774DAE8F2395
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=aad099dcf17761d11d7d5bca461405ba
Frame ID: 2EDDAD2DB33E62257EC189BC4882C748
Requests: 1 HTTP requests in this frame

Frame: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F95AAFE84640D73E3773D90DBD447994
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 46C02ACE9F61097055A00CA6678B5F7F
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 454C31DAC332196EC27F7CB9BAD6F6B9
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 711E21D27BF98B414450A2F1AAF22A6A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/9b0d2260-1506-4750-963d-ef925ab37b9c&partner_id=1010
Frame ID: B43A3640020DDD8870848F47B42B4EE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 32F0141031553E372CCFEDD5EEB94C63
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CBC361BA87FFBC5CAFDEE07A53F289D0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 23B01F497CE5F3A497FAEC2807107A9D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BCD500A57FA20DFC1BCB5F4C755E41ED
Requests: 2 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 96D3DA7E257E0FE65DF04CDBBFB6460F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 09DB338B1C61365DEA18B230F282EF6A
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yt1CUnMdlz7abwNNqDfBqAAA%261143
Frame ID: 4BA0A4F9FBD606C8BACA40558C878180
Requests: 1 HTTP requests in this frame

Frame: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8D69B2086FE5828F3C566B24A3D34110
Requests: 8 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/898ab9aa-0b50-11ed-91e9-18c6427b0506
Frame ID: F261E220C92A0C412F9CB39C648A0BEE
Requests: 1 HTTP requests in this frame

Frame: uuid-in-package://da76572e-964e-41ad-5eb1-41ad964eda76
Frame ID: 40359DBD3D57E9CCBB61023B7A2E664F
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Frame ID: 3976E2F4F57ED01A90FB2280E7B532E7
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/index.html
Frame ID: F1AC522EBE1446752E420C33380FA925
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zahav.ru Салат

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

515
Requests

89 %
HTTPS

34 %
IPv6

68
Domains

121
Subdomains

84
IPs

11
Countries

5431 kB
Transfer

14597 kB
Size

67
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Request Chain 176
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt1CUnMdlz7abwNNqDfBqAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Request Chain 177
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
Request Chain 178
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Request Chain 180
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt1CUnMdlz7abwNNqDfBqAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
Request Chain 182
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Request Chain 183
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Request Chain 184
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt1CUnMdlz7abwNNqDfBqAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
Request Chain 186
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI8Z8F-owY_e8VhoC2Hwm5A&google_cver=1
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEEDjvVNCRJjBRHENxsiOHt8&google_cver=1
Request Chain 232
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 237
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&google_cver=1&google_push=AehlK4BzVWuUC8Uw7hfC9EjwvI5IXaW5UUA86kj7PEBFnR75zKRBlnWZ5RKPJLd6ZBRTzKIKs1f06Ra9rSiVEghfoDbvllIEnDM3cQ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&google_cver=1&google_push=AehlK4BzVWuUC8Uw7hfC9EjwvI5IXaW5UUA86kj7PEBFnR75zKRBlnWZ5RKPJLd6ZBRTzKIKs1f06Ra9rSiVEghfoDbvllIEnDM3cQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QXk2NVJQT0kxT2ZCZGc1&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&google_cver=1&google_push=AehlK4BzVWuUC8Uw7hfC9EjwvI5IXaW5UUA86kj7PEBFnR75zKRBlnWZ5RKPJLd6ZBRTzKIKs1f06Ra9rSiVEghfoDbvllIEnDM3cQ
Request Chain 238
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_cver=1&google_push=AehlK4CO6AkXyCxbfbQmSVGo7zDiWNZClF7DVEEnlbtvHnH4-f9HmDH9lTYR6vHmWd_DmRmoW_wOsa-KaH_40gYdgDJrhEOB6indOA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CO6AkXyCxbfbQmSVGo7zDiWNZClF7DVEEnlbtvHnH4-f9HmDH9lTYR6vHmWd_DmRmoW_wOsa-KaH_40gYdgDJrhEOB6indOA
Request Chain 239
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNrmFXQSH_-mctL3N9MgfrktS8mp3w HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNrmFXQSH_-mctL3N9MgfrktS8mp3w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MjE3MDEzMTA0MTM5ODAwNA&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNrmFXQSH_-mctL3N9MgfrktS8mp3w
Request Chain 241
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJkhPI1UDI-IHZgqz57JRvs&google_cver=1&google_push=AehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1658667602461 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5ddf9a0b-9fa3-47e7-8ad8-f780c79285db-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw%26google_hm%3DA13fmgufo0fnitj3gMeShds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw&google_hm=A13fmgufo0fnitj3gMeShds
Request Chain 252
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGqm5Ltc4pFTH9aleQYuNK4&google_cver=1&google_push=AehlK4DCUteXLrO3WaFPCMFb07g1ZmlJKf0bO-BWkTgvgmR_O4H1DFdntukyA002FdpcidFsNd_fyhgyWbtd9btY2gLNeTeto3xW HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzkxMTk5NTQ4MDQzOTcxNzQyNQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGqm5Ltc4pFTH9aleQYuNK4&google_cver=1
Request Chain 253
  • https://um.simpli.fi/gp_match?google_gid=CAESECgYb6zYUj__Nqpp47RKeQ8&google_cver=1&google_push=AehlK4CW-0NIlXB-qNyPIRwaiZo2qGwerhZxAV7yLSEPWvZaCWxBPmPrkuJ02RdeqDgcMSwmmZ-2Utp4SuT9vuBH_ztx0wRGSlVZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5DE7F0A49D405E9450AB94AAF984AC&google_push=AehlK4CW-0NIlXB-qNyPIRwaiZo2qGwerhZxAV7yLSEPWvZaCWxBPmPrkuJ02RdeqDgcMSwmmZ-2Utp4SuT9vuBH_ztx0wRGSlVZ
Request Chain 254
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJoyLD9OftbTojPNA0ef-sc&google_cver=1&google_push=AehlK4APGWd1n5LTY6LSK25J0QbD1ZLYfZ_FtEj_npLrd2vNmT0XqFEtv5Ny8x9l7VuoliuPgYgoob7paYTQuKf5sEIw6AtcFnkU HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4APGWd1n5LTY6LSK25J0QbD1ZLYfZ_FtEj_npLrd2vNmT0XqFEtv5Ny8x9l7VuoliuPgYgoob7paYTQuKf5sEIw6AtcFnkU
Request Chain 255
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENHMR5GXlzMJ2EtPp1jVfU8&google_cver=1&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOIkOBtsDwL HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENHMR5GXlzMJ2EtPp1jVfU8&google_cver=1&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOIkOBtsDwL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOIkOBtsDwL&google_hm=RC9x1RewTJKF6YW-_K5k3Q==
Request Chain 256
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1UBqyLRJKWeuDJAsmyNyszlxEk HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1UBqyLRJKWeuDJAsmyNyszlxEk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA2Mzg1MDMzNjg3NzIwNjY1Mw&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1UBqyLRJKWeuDJAsmyNyszlxEk
Request Chain 257
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_cver=1&google_push=AehlK4CfXL77v_-n6lE29YWPVjJUYfkQMOuSROShvjDgs9KKzvPjOLa2ponYADF8mHZ-lYJtzQdaqLu-RMYC-XeS8ShbWMDpEyhN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CfXL77v_-n6lE29YWPVjJUYfkQMOuSROShvjDgs9KKzvPjOLa2ponYADF8mHZ-lYJtzQdaqLu-RMYC-XeS8ShbWMDpEyhN
Request Chain 258
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKgaKb7uJXdHKUu10gGPzGM&google_cver=1&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2XJXMnLLaSZNt HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKgaKb7uJXdHKUu10gGPzGM&google_cver=1&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2XJXMnLLaSZNt&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2XJXMnLLaSZNt&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
Request Chain 262
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_cver=1&google_push=AehlK4CkpyxiYnCZvbmG0p-6T22EqlM8UCPmFeX9CNda7d_3sBULtdtCf5uKpJpWtXLxZPc7EaVK6juyNLiTGmuej1lKwx8BV48 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CkpyxiYnCZvbmG0p-6T22EqlM8UCPmFeX9CNda7d_3sBULtdtCf5uKpJpWtXLxZPc7EaVK6juyNLiTGmuej1lKwx8BV48
Request Chain 265
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMeLGV2kUzV_-BnqogtK3qM&google_cver=1&google_push=AehlK4AxthhVO01uvYaWuBQQzlF38NVADYoPhc6ksHmyVMQ_l3tL2Iwqv5KctLK84x54ttutFbwF3Fo5EP-SU8f-TmQ68wcoGLY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AxthhVO01uvYaWuBQQzlF38NVADYoPhc6ksHmyVMQ_l3tL2Iwqv5KctLK84x54ttutFbwF3Fo5EP-SU8f-TmQ68wcoGLY&google_hm=MTY3OTE4NjcxODYwNzQ2MjM3Mw%3D%3D
Request Chain 267
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMSrqpVvCor9_wKkj68AwuY&google_cver=1&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXsdMLp3K4hDaEGrN4lpmAiSJCe6WvhQhTARzJZAFhz HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXsdMLp3K4hDaEGrN4lpmAiSJCe6WvhQhTARzJZAFhz&google_gid=CAESEMSrqpVvCor9_wKkj68AwuY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxNTM3MDMxNjE5MDI0NTc5MDM5Mg%3D%3D&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXsdMLp3K4hDaEGrN4lpmAiSJCe6WvhQhTARzJZAFhz
Request Chain 268
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEpm_gQmGyTsD-rV1rZJwoM&google_cver=1&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSvZ0UabYOow03Z-lgt79cmOItbJEWv8_EUB-uE5NHB1s HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEpm_gQmGyTsD-rV1rZJwoM&google_cver=1&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSvZ0UabYOow03Z-lgt79cmOItbJEWv8_EUB-uE5NHB1s&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdmV0NzhKRTJ1RmtPb19RNThqQkJUcDVWaEZLUTNzRH5B&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSvZ0UabYOow03Z-lgt79cmOItbJEWv8_EUB-uE5NHB1s
Request Chain 281
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPUvUzyAQEcjpzebVdCzoCs&google_cver=1&google_push=AehlK4Dc47GWAJ48z3UQGouYpX0i0dY66lynwZaM-Gx-WUdZlnihA7Wo0RnqfnHuGSaIoBmX1iovG4eTnW7OdUKTOjCG6KyujNAC HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dc47GWAJ48z3UQGouYpX0i0dY66lynwZaM-Gx-WUdZlnihA7Wo0RnqfnHuGSaIoBmX1iovG4eTnW7OdUKTOjCG6KyujNAC&google_hm=KxNAbkuTRiAxXU5VyMRLEw
Request Chain 282
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED28pUGYI-P3J46o3O-mz70&google_cver=1&google_push=AehlK4DT7oscHNhTLk_No5WEhmMfucEUdIuT0-pjQEOJABtLGZm-OMJvFSPfqfEAY_qnm6LwRCxwsWrCxYPXVhMAotOcjvAlypyM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DT7oscHNhTLk_No5WEhmMfucEUdIuT0-pjQEOJABtLGZm-OMJvFSPfqfEAY_qnm6LwRCxwsWrCxYPXVhMAotOcjvAlypyM
Request Chain 283
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJoyLD9OftbTojPNA0ef-sc&google_cver=1&google_push=AehlK4BxooffijzoXrWbOo_PibjnCJBl9l9KNs1R8ePesokxzuVvjGf4q4Rvnt4B9iCe-tCohOgbOyaVqrdicfrbczWNSD4z3wah HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4BxooffijzoXrWbOo_PibjnCJBl9l9KNs1R8ePesokxzuVvjGf4q4Rvnt4B9iCe-tCohOgbOyaVqrdicfrbczWNSD4z3wah
Request Chain 285
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_cver=1&google_push=AehlK4CnNnRRtVyyHHck-bAQC7niVOFnDE3OHJsn3Zhepc5P0pWCsHQuek4YcDfjUYRWhQQ8im6QSKiZ8q99dYggRrEjsRUN3r-c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CnNnRRtVyyHHck-bAQC7niVOFnDE3OHJsn3Zhepc5P0pWCsHQuek4YcDfjUYRWhQQ8im6QSKiZ8q99dYggRrEjsRUN3r-c
Request Chain 286
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKgaKb7uJXdHKUu10gGPzGM&google_cver=1&google_push=AehlK4AzFvciZ2guFEv1wHcjPGZX1trt8-zZblJhF1lTMUzVq4I9WHGjYMlhiSd5QK__sXm1I3Qsg_SobAb_J2SKduAgYneraeiq HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AzFvciZ2guFEv1wHcjPGZX1trt8-zZblJhF1lTMUzVq4I9WHGjYMlhiSd5QK__sXm1I3Qsg_SobAb_J2SKduAgYneraeiq&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
Request Chain 287
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJkhPI1UDI-IHZgqz57JRvs&google_cver=1&google_push=AehlK4CMMm9pf9Y_9c6xvj7HQa06MrtXCJFlvEAPBDjcWRrBjaGv2QokQzXN2viQcwLarDJGJZVE2nA10Szd3CiyqJqVzjWMgxe8 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5ddf9a0b-9fa3-47e7-8ad8-f780c79285db-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CMMm9pf9Y_9c6xvj7HQa06MrtXCJFlvEAPBDjcWRrBjaGv2QokQzXN2viQcwLarDJGJZVE2nA10Szd3CiyqJqVzjWMgxe8%26google_hm%3DA13fmgufo0fnitj3gMeShds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CMMm9pf9Y_9c6xvj7HQa06MrtXCJFlvEAPBDjcWRrBjaGv2QokQzXN2viQcwLarDJGJZVE2nA10Szd3CiyqJqVzjWMgxe8&google_hm=A13fmgufo0fnitj3gMeShds
Request Chain 421
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zahav.ru&sn=ChromeSyncframe&so=0&topUrl=salat.zahav.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5vCZJXxETXFtV1lIaGEwVU5KRXVYblFORkxMNGVJbW1zZC8zTnoxeEF4RUs4TXQvSU9JUmFiRkxrT2ZRcDhjWm9zMEgrWVhEbGtWRFdHekhDWGVoWXlSZjJNU2hSdXE0WGFlZ1VUaDdFVDF5NkxwNzNsb2F5ZWZLalJHMEdlV0RQVkhZYlEwcGhHMnZyN3Y5YWh5SkM4NkFGYzBZK1FvQ3pvRFM4cWducVQyY0FiRHRoSUprYk9tbnduYnNxT0FQenNiYlpmM3U3VVkvTGxUQVA0VERwM25JUmpDVWFrQkxoNnlNdU1mU3NreE5UeGY2QVhxUFV2KzhPcXBnemRZT3VZTUNqWitSNEdSdDY5cUEyU3ZSMVBIdlpKQT09fA&cppv=2
Request Chain 422
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsalat.zahav.ru%2F&domain=salat.zahav.ru&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=UT11S3xlVWRDb2JrQmozNUJrZ2IrOVVrNjVoa2hlQlFFNzNsYmpPOFMvMVdHQ0d3OU5Vc1c0Q2ovU0pYVExxYi9wVUJnTnZjTVgveFk5WWZpUGRhZXl0N1hiMEZJd1N4M2NMc3BMa1RrcWdiR2twbzNYTi9VTUN1amkwSm5ucDJPOWx0LytUMDJ4eTVhTDgzTkdKUWJSTCs0b3dnbjM1RDR2R0ViOHJmY0ZPM1RCVWx1bmlRUlNuQ1czREhrZndxNDFlc2JOUmZJRnBrQVFGYVJuNHA4TlJLcDhHbnhSUU5JdS9KTjBXeUlaRjc5NzZ4R1ZXdklLejIyOHU2VFZnNGwrUFRKOCtqWWRpYXQ0VWJSUmllSEFnNnRRdz09fA&cppv=2
Request Chain 435
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/31b239938315f8254fd6ad27789a3ec6
Request Chain 436
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ZXPyV2KdM2fsUST8fIzP?pi=smilewanted&tc=1
Request Chain 439
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Hci5UZki3p7nYy4qouSm6Mn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1679186718607462373
Request Chain 441
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5ZBV410-11-5H4L&sigv=1&esig=2~71fb356612def765a16fa6a98e32a3cf890c652d
Request Chain 442
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKvtThj14KKYqHOQJsY3s3s&google_cver=1
Request Chain 443
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5ZBV410-11-5H4L
Request Chain 444
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE0NWI4Yjk2NzIwODEwNDMzMzc2MmZiOTY3N2NlYWI1YmEyYzE5OQ
Request Chain 445
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3mo_nX0LSSqzamqthVjkHw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3mo_nX0LSSqzamqthVjkHw
Request Chain 447
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=aad099dcf17761d11d7d5bca461405ba
Request Chain 461
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 464
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/9b0d2260-1506-4750-963d-ef925ab37b9c&partner_id=1010
Request Chain 475
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yt1CUnMdlz7abwNNqDfBqAAA%261143
Request Chain 479
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=898ab9f6-0b50-11ed-91e9-18c6427b0506 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/898ab9aa-0b50-11ed-91e9-18c6427b0506

515 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
salat.zahav.ru/ 		182 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
27e013ff151544c63612268d1350a2053ae7bffcbc2e33f61d61f92bfd6450b2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
821
cache-control
public, max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 24 Jul 2022 12:46:19 GMT
etag
W/"2d6a0-okFgN52KKoaK15+4bhokOsk5aL4"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
x-amz-cf-id
0kbROu2iyjhTryo6eHEoeOyJQJHSHYPjwMCFHNmbutTcPIJaQsiNCQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-cached
HIT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87d98c58214039d8317f6519c1441b13d920e83988a58cfc51ea5dbcbe7094e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28358
x-xss-protection
0
server
sffe
etag
"1282 / 189 of 1000 / last-modified: 1658527520"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Jul 2022 13:00:00 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 11:09:32 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
6628
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0wTECP8UwSHC8MigZ6MZNhQ_-q9pQiu3de_rCaArz7k_8TFCdOxSsQ==
expires
Sun, 24 Jul 2022 13:09:32 GMT
facebook.png
salat.zahav.ru/public/zahav/assets/social/desktop/ 		266 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/desktop/facebook.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
146a64826cd7fdd7a02546901a50c199c7cd8bf2c3a87be4a051a269ab43da69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"10a-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
266
x-cached
MISS
x-amz-cf-id
hUEn5zTqyEDRa3yXZ9YV3QUfK7OIhVhrtJfL_gzLPfBfuaCB61yIIg==
facebook.png
salat.zahav.ru/public/zahav/assets/social/mobile/ 		276 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/mobile/facebook.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8c973fc683837b2b8c9392b6c4115c52f98b8c8c74242b0a2cafa677c60fa1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"114-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
276
x-cached
MISS
x-amz-cf-id
Rnde7yDANBVXFMUuMjS2xZaDOSCuFpvyFj-ReyYgOkVn2hnlzbQ6Tg==
telegram.png
salat.zahav.ru/public/zahav/assets/social/desktop/ 		411 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/desktop/telegram.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1d27f89e2708b673850caa81118e9245c6afdd422358378e09ffecce4c26dece

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"19b-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
411
x-cached
MISS
x-amz-cf-id
6YB7s2gG0WOshJshgV4UxnYFO6vuZVdD2j_SzxvfnGa-kR17b_mBRA==
telegram.png
salat.zahav.ru/public/zahav/assets/social/mobile/ 		426 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/mobile/telegram.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1b95607d3ea9371fb72c392e8ae3d77dd3a4a315cedacd47cbaa0d2b44a53b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"1aa-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
426
x-cached
MISS
x-amz-cf-id
Jz32AB-u0QdWdxr_Jd4xxD64BKJ00YpDR1JdnykxYfejFWoS7PO5Fg==
twitter.png
salat.zahav.ru/public/zahav/assets/social/desktop/ 		372 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/desktop/twitter.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3fd055f9b0f7d6baaec7f56e269c8dcd347f6680bbd4194c57ee590a46fdb95e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"174-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
372
x-cached
MISS
x-amz-cf-id
EWu_Yj_BBy6GzSVspKXRkBrNcXClaoNoTvnRi_q-uwJy5hao6u7kGg==
twitter.png
salat.zahav.ru/public/zahav/assets/social/mobile/ 		387 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/mobile/twitter.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
515fcf87781aef040a6758d637d17d941caf08ea469656259b5fc3745b832d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"183-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
387
x-cached
MISS
x-amz-cf-id
yNNUhhWOPa89NEjk0WmID8_FWBcnvLOOTTbHEIEBOEarkdt4orn5xg==
vk.png
salat.zahav.ru/public/zahav/assets/social/desktop/ 		362 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/desktop/vk.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
da4a76da2f7b8699744313947182d57adebfbea051b931c01df1f73e41d5ff33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"16a-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
362
x-cached
MISS
x-amz-cf-id
Yftcofl2KdHavDYHznxyMAVC5EcUUs0cm45XaUdtOKbtX2H8ORFnOg==
vk.png
salat.zahav.ru/public/zahav/assets/social/mobile/ 		393 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/mobile/vk.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
95db6265c2c336d53707a24c7f8ccfcc921965c848f18bfc64988ddf4fdf8b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:08 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241792
etag
W/"189-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
393
x-cached
MISS
x-amz-cf-id
4fO-8cstbAKFkGgDptXLonEaQJ0XnO3NGysBKp6Wm9mJxKOnTK1mOQ==
ok.png
salat.zahav.ru/public/zahav/assets/social/desktop/ 		401 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/desktop/ok.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
60531e79a8bcd2aea26e031d6c09a2da7ca3c074bea5d4585a5009d52e17f81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:09 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241791
etag
W/"191-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
401
x-cached
MISS
x-amz-cf-id
FrUf8CgOIx2UN9dKNsDu2uTQdftQ8UIwNyNU0SCuqnSTP4dordM_dg==
ok.png
salat.zahav.ru/public/zahav/assets/social/mobile/ 		416 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/assets/social/mobile/ok.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
624f0494fca1a39f49b63bc119f7f76161c6cb1af4d6f8a34fd8ba627c195868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:09 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241791
etag
W/"1a0-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
416
x-cached
MISS
x-amz-cf-id
32-K1wHpfrJ_CqYr9eJFuCAnYG5EKykR_EIBI2nik5CH9lFw8oHAIw==
logo-desktop.png
salat.zahav.ru/public/zahav/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salat.zahav.ru/public/zahav/images/logo-desktop.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:09 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:51 GMT
server
openresty/1.15.8.1
age
241791
etag
W/"1151-18221d0d758"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
4433
x-cached
MISS
x-amz-cf-id
TwQ-LvEiq8W41gxgyyjBM03GcVfgbXlZcsCZSCWtRlnRxOXQNOuEeg==
3412765-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/4/1/2/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/4/1/2/3412765-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
1229849f6cc44e5d72764c6b571c8261cea9cb8efef7b603b7431dd41f8f13e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 05:28:26 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
27094
edge-cache-tag
251296685028538017416973387807192290095,163033824620003494124992686043896153512,d2bce9e04f88d43dd8350e859c701704
cache-tag
251296685028538017416973387807192290095,163033824620003494124992686043896153512,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
22870
x-request-id
b432f33f94bd8dd1d10a24a2b3d1f99b
x-served-by
cache-iad-kjyo7100136-IAD
last-modified
Sun, 24 Jul 2022 05:28:27 GMT
server
cloudinary
x-timer
S1658640505.260971,VS0,VE1680
etag
"2fb3fb1dd57baa13a33082fde4a1fc72"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
QAV-0xm4sUiw7gYkPW391nzCpE88dR5kMsfjZ9p4a-dr4kIWCHJNMw==
x-cache-hits
0
zahav.ru.1297439.js
jsc.idealmedia.io/z/a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/z/a/zahav.ru.1297439.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353ab4401afa449d0cd020b591c8f2615d1d62f444b9420a89b347354e420f0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
3107
cf-ray
72fcd616fd5b9072-FRA
content-length
905
x-amz-id-2
KUzxPY7Gu4siFVvYUXCqZSLgp+mqjijHqKJh+P53AHRczHSTjSMPKZ2AMdjTTo14qzjj0Tzvw6A=
last-modified
Wed, 13 Jul 2022 06:40:05 GMT
server
cloudflare
etag
"5d3ac265a3e1d2fb05098f8917b29a51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
NWKPPB5514AH6J4F
cache-control
public, max-age=10800
x-amz-version-id
J3vL6lkUy3.PKSebc6e2lsqLGqyy_r1O
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 24 Jul 2022 16:00:00 GMT
148_248b4149632420b886ad_248b4149632420b886ad_walla.js
salat.zahav.ru/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salat.zahav.ru/public/148_248b4149632420b886ad_248b4149632420b886ad_walla.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:17 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 17:34:50 GMT
server
openresty/1.15.8.1
age
241783
etag
W/"2b34-18221d39290"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
weWZ8Pleu-Sjcq895J9AdvRJOa3UPZeM3blUyOD-4N_e7KO35zin2w==
x-cached
MISS
218_ecead03b6da4e81fa118_ecead03b6da4e81fa118_walla.js
salat.zahav.ru/public/ 		307 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salat.zahav.ru/public/218_ecead03b6da4e81fa118_ecead03b6da4e81fa118_walla.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ebe404ff7f3ac7c25c55e4d8459d5fb7d1084de6f770852251235eaa52556d77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:17 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 17:34:50 GMT
server
openresty/1.15.8.1
age
241783
etag
W/"4cc3c-18221d39290"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
2iY8rm5g4bCfPzzJFNE-nSjgZHepaFy3zd9NB4WGIxOWiAlcUmXU8w==
x-cached
MISS
main_1147856f0374b95a9947_1147856f0374b95a9947_walla.js
salat.zahav.ru/public/ 		1 MB
246 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salat.zahav.ru/public/main_1147856f0374b95a9947_1147856f0374b95a9947_walla.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5b5964d5e4fd2ff53d33c5f1ea3f2ad3a14bcaa156fd20185dca1c26b57cc203

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:13 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 17:34:50 GMT
server
openresty/1.15.8.1
age
241787
etag
W/"10f722-18221d39290"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
Z4lBFNmi-V6aRHzo37sswVWSlwtsOlD-SUtqu0s6UxN_KJOyOkTyTQ==
x-cached
MISS
zahav_e887f11d1a62b3ff1558_e887f11d1a62b3ff1558_walla.js
salat.zahav.ru/public/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salat.zahav.ru/public/zahav_e887f11d1a62b3ff1558_e887f11d1a62b3ff1558_walla.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
36d08f25413c0421fdfa6d438de53f959cf896a31d05dd4ab648d1f12a88b64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:17 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 17:34:50 GMT
server
openresty/1.15.8.1
age
241783
etag
W/"1927a-18221d39290"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
a7zsPHzw8iT-43rILoRdv9WRjYpXEcD6n4H4_cbmUJDuhygfjkvy8Q==
x-cached
MISS
pubads_impl_2022071901.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 24 Jul 2022 12:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
485
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131527
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 08:34:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Jul 2023 12:51:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		237 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=salat.zahav.ru
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
f0efcdeeb70aee0e9a522dc1f5ac5ff7be8f5ebab6415ede07ac1518d9177648
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
135
x-xss-protection
0
expires
Sun, 24 Jul 2022 13:00:00 GMT
zahavru-prod.js
cdn.valuad.cloud/hb/ 		962 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
aa8500475817d5d0853ef45ff33b8d8396cd302bf681e395d0ab315d8a232d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:00 GMT
Content-Encoding
gzip
Connection
Keep-Alive
Last-Modified
Sun, 24 Jul 2022 08:50:18 GMT
x-amz-request-id
tx00000000000004364d169-0062dd07d1-280ab81f-fra1a
etag
"32fbfa998d945bb2c2e1d127f097db59"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1658667600.dop149.am5.t,1658667600.cds257.am5.shn,1658667600.dop149.am5.t,1658667600.cds273.am5.c
Content-Type
application/javascript
cache-control
public, max-age=86400
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
268057
gtm.js
www.googletagmanager.com/ 		169 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
548b6b4ef2653a10f71029662a952ac90b82b87d411800b78bc4c083c8b85ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59282
x-xss-protection
0
last-modified
Sun, 24 Jul 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 24 Jul 2022 13:00:00 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:c000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:51:41 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:50:34 GMT
server
nginx
age
499
etag
W/"62d7515a-933f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 055d899361491602a9ef1eb0cdc5e336.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
TYm2H_IuPGSsrdYOiHwTYqH19gL4M7cqWIUEK-WdjAlKKw6lVzp71Q==
expires
Sun, 24 Jul 2022 14:51:41 GMT
zahav.html
pogoda.co.il/widgets/partners/ Frame 7F33 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pogoda.co.il/widgets/partners/zahav.html
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b82ef0856fbfc7f7a1000502de2357fee22bda7916dce35a4dc15e7e65c2ec

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72fcd618bb509016-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:00 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOF2ca7XuepoFsuiH0Ld4tqgKJrWNeUmYeCrcfzdkX2BaP5m7HXXAlwVUxudwotSJiOwv5kBseIkefKGDWsl%2FyyAzpkFzVOzJdip%2FspyZyrZM7LN3CLF4Yd3EGoldrln8qmZEW6Ksxf973c%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-cache-status
HIT
iframe.php
date.zahav.ru/ Frame E554 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
420a404edd22181e827986349c994e68c5c307d254bf896bf4baa3aa06343db6

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1116
Content-Type
text/html; charset=utf-8
Date
Sun, 24 Jul 2022 13:00:00 GMT
Expires
Fri, 24 Jun 2022 13:00:01 GMT
Keep-Alive
timeout=20
Last-Modified
Fri, 24 Jun 2022 13:00:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		153 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=zahav.ru&domain=salat.zahav.ru&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b0112ba37acf5ed463806b6c7a703b49676dd8fb59b27106ac94c902961a108

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
x-cache-hits
1
age
2216
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
126
x-served-by
cache-hhn4039-HHN
access-control-allow-origin
*
x-timer
S1658667601.767139,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 22 Jul 2022 12:23:05 GMT
outbrain.js
widgets.outbrain.com/ 		203 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4715ad16485960a12cd014e491e9a07b0d14a2c061679622e1f6648724955721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
last-modified
Sun, 24 Jul 2022 05:15:23 GMT
etag
"16-cRq0EGjGfPwpL0GA1Dm4jNBKjmM"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
af7eceef21d95c780b6ceed52b05f0e3
timing-allow-origin
*, *
content-length
71639
zahav.ru.1297439.es6.js
jsc.idealmedia.io/z/a/ 		254 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893cfb4d8c1d7ef898902f1128407e3e23248cce089474ffd9de6cefc824d1fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4061
cf-ray
72fcd6188f969072-FRA
content-length
78031
x-amz-id-2
OBdU0iHhItMJLYJ/nIW3oGu7FQ1GwYploFNWUQYwa6r3SH6pmmYxYDIA2oihCN/r6lI4exdpgSY=
last-modified
Tue, 19 Jul 2022 10:13:32 GMT
server
cloudflare
etag
"ce46f59d42ffbe7f9f2150f72a472aaa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
E6EP7Z7QV6ZNYTTS
cache-control
public, max-age=10800
x-amz-version-id
Yh_nwZFyXDPuIAcn0boQkpQ6E5EEx82A
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 24 Jul 2022 16:00:00 GMT
wallaicons.woff
salat.zahav.ru/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://salat.zahav.ru/public/font/fonticon/wallaicons.woff
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-50.fra53.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 17:50:18 GMT
via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
last-modified
Thu, 21 Jul 2022 17:31:50 GMT
server
openresty/1.15.8.1
age
241782
etag
W/"3bdc-18221d0d370"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
Kyj6LvvbsotRv3OeoU4um1jsDJ8Y0kAqXeb4ycjmBkzht7gf2g6OUA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/public/218_ecead03b6da4e81fa118_ecead03b6da4e81fa118_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
87d98c58214039d8317f6519c1441b13d920e83988a58cfc51ea5dbcbe7094e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28358
x-xss-protection
0
server
sffe
etag
"1282 / 754 of 1000 / last-modified: 1658527520"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Jul 2022 13:00:00 GMT
page.php
www.facebook.com/plugins/ Frame 502D 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fzahav.ru&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/public/218_ecead03b6da4e81fa118_ecead03b6da4e81fa118_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
118e431908217d5c3e22c9cb3a19a2648ce672fdb76845fec182aca822fcae3c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
date
Sun, 24 Jul 2022 13:00:01 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
CtwW8s8IVaWvin93RbTFLFTe4zKXN2gv6OZeJbGBc9C9fItzn+unfWF5yKIMP6C7N4c4kWfq56fVV0S0JYHwoQ==
x-fb-rlafr
0
x-xss-protection
0
3046026-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/0/4/6/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/0/4/6/3046026-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
d765dbce936411395a2e3b703094f831d15f709b5611abe1a5260a97c6ae2266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 14:03:37 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
255383
edge-cache-tag
415873848018809236567765950800636141329,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
415873848018809236567765950800636141329,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5574
x-served-by
cache-lga21969-LGA
last-modified
Wed, 16 Mar 2022 09:03:33 GMT
server
cloudinary
x-timer
S1658412217.879863,VS0,VE139
etag
"dbb7e2b1d60c4730046079e78630d74a"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Ri2ugOMoc-aGCFHZ7NFzsg2-vG1qfdDXXrybPOWuT76mwiOlyDAQBA==
x-cache-hits
0
3412834-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/3412834-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
c460736c4c044d62b251832921ea45b6a9c262eba4e8aa63bcf0645bc44067e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 07:57:36 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
18144
edge-cache-tag
131027483254556166141446958766673811827,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
131027483254556166141446958766673811827,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
5958
x-request-id
cee0849de0d43c0fcaf259aaabb239f1
x-served-by
cache-iad-kjyo7100079-IAD
last-modified
Sun, 24 Jul 2022 07:57:37 GMT
server
cloudinary
x-timer
S1658649455.681131,VS0,VE1390
etag
"758369cd9f9c3d14e46174d09f8c33ca"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
Seq8Vg2GqMBdwuGU62yz_R9k-JTFz5OfYRy-EsR3nXgDQymjsdxUMQ==
x-cache-hits
0
3412923-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/3412923-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
de47686008f84ef74616c8b12a66b97989cab2603260e4c2eb3ceedf2dee89fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:11:31 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
10109
edge-cache-tag
350897250126676668792923313759962716897,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
350897250126676668792923313759962716897,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
8778
x-request-id
bb7907b4b2c50e405e765ee742d0e173
x-served-by
cache-lga21929-LGA
last-modified
Sun, 24 Jul 2022 10:11:32 GMT
server
cloudinary
x-timer
S1658657487.113452,VS0,VE3900
etag
"5124869581097bd6614e693d5716defc"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
RL6Lii5BuKDyfmzJLkjt3dOwuxCJo9Jflv4oi9w4vyd_e_OOhIrwZA==
x-cache-hits
0
3412858-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/3412858-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
944d20a52fe38b3e7755723735053cb665560c6e50bf3b236c9b7a591d42903a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 08:28:02 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
16318
edge-cache-tag
229552043241483418013997191705025316884,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
229552043241483418013997191705025316884,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
20773
x-request-id
ab73b8422935208b63466d306fd1f146
x-served-by
cache-iad-kjyo7100059-IAD
last-modified
Sun, 24 Jul 2022 08:28:03 GMT
server
cloudinary
x-timer
S1658651279.739374,VS0,VE3529
etag
"5bad8a09c2850332fd0e6afb4bb05229"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
zHmzcS7xZYJCBlLosTmDQGyhahmdcVG2Whfn4TnYlk0kdOKHypwnPw==
x-cache-hits
0
3412810-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/1/2/3412810-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
f7488b3bd575c3a1566d8318c76f549d3f021f4c55561bc478ecde5e4174103d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 07:12:29 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
20851
edge-cache-tag
242498860184965005584459838007166601992,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
242498860184965005584459838007166601992,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4471
x-request-id
71adb19ef0953255384c5e9905a149c0
x-served-by
cache-iad-kiad7000078-IAD
last-modified
Sun, 24 Jul 2022 07:12:30 GMT
server
cloudinary
x-timer
S1658646745.724467,VS0,VE4698
etag
"e97a6e9b2f783710936d64033d22eeeb"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
bU445Au0CoHTe69qoV1L-bOn-8wpeAOwxdQw3xpOX5tGdYnK3v7Vvg==
x-cache-hits
0
3334015-46.jpeg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/3/3/4/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/3/3/4/3334015-46.jpeg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
d6d69a2b5e7c295f2272cd3f57bad7890ec993c5b15f4da7beac97a5d2447de0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 05:18:45 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
373275
edge-cache-tag
135093541072861738099865738265307700648,100405190877075924057354241558136016486,d2bce9e04f88d43dd8350e859c701704
cache-tag
135093541072861738099865738265307700648,100405190877075924057354241558136016486,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
4926
x-served-by
cache-iad-kjyo7100046-IAD
last-modified
Tue, 15 Mar 2022 06:50:42 GMT
server
cloudinary
x-timer
S1658294325.419665,VS0,VE2
etag
"811c927c697514e296294b7e5e051141"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
0mX0Wfm0Jd4xLtUvJIITtWkfjBTi1C1M-dQzmKi5axDmF9F_DRlYxg==
x-cache-hits
1
3408830-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/0/8/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/4/0/8/3408830-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
764898e4528201a12c5f89cabdf59d2a4fc81d69cdfa9850e2249bb7a08d2e56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:01:13 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
982727
edge-cache-tag
385634362378525955529835075204820918007,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
385634362378525955529835075204820918007,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
9304
x-request-id
c39cf6e367d4202532c649db2dfb4616
x-served-by
cache-lga21960-LGA
last-modified
Wed, 13 Jul 2022 04:01:14 GMT
server
cloudinary
x-timer
S1657684872.693415,VS0,VE1464
etag
"7856297355a1c314e089d29bc04200f3"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
4x7SgFpWy17hJwlyCABvxXB9seXBgHPmqp_BCf2fYXD4uupa-iMlqQ==
x-cache-hits
0
3412601-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/2/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/2/3412601-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
4041a609884c27d2179a894e9aef5a10c48597681acb955df78f0d7f0fb1e695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 11:28:33 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
5487
edge-cache-tag
167525569457386003578135847281647854736,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
167525569457386003578135847281647854736,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
6573
x-request-id
92b7ae92951a99fc2285546d838dc594
x-served-by
cache-lga21981-LGA
last-modified
Sun, 24 Jul 2022 11:28:34 GMT
server
cloudinary
x-timer
S1658662109.705458,VS0,VE4555
etag
"abef76fd2e76f4126e6ec661c0ff15ae"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
5kdJQIw2wyOWAss1HUGNsprRo6J5yWfdYa_IOr4BnxeSlWCsW7h61w==
x-cache-hits
0
3375427-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/3/7/5/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/3/7/5/3375427-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
ec2415ed9d7875a4301e8c2f911a3c9b6638a72780b67c668416e17b1536db9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 11:29:44 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
5416
edge-cache-tag
297798227251433308926997586168887127624,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
297798227251433308926997586168887127624,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
2524
x-served-by
cache-iad-kjyo7100123-IAD
last-modified
Thu, 21 Apr 2022 11:57:03 GMT
server
cloudinary
x-timer
S1658662185.581365,VS0,VE1
etag
"c1a582a75ce39ae553aea39b7d21de01"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
YsUQlNrl9PMq_TmFwZaviZnVmrJrs724Gcmz5AyBeYmaggOdU8hsDw==
x-cache-hits
1
3366385-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/3/6/6/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/3/6/6/3366385-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
a794c5639534075e546b86b010f667ba3b5862e6a635cf8265a761a67d0ba6fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 11:31:12 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
5328
edge-cache-tag
183126759249693570694019598615935127424,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
183126759249693570694019598615935127424,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
2011
x-served-by
cache-iad-kiad7000095-IAD
last-modified
Thu, 31 Mar 2022 11:03:25 GMT
server
cloudinary
x-timer
S1658662272.465767,VS0,VE1
etag
"75ea7895e6f1f4184525bfbba2e07f6f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
LRuKNXpHcrJPUTmnXlytrBjIZif_5zkkrqwQNxT73E7hD660XQs9mA==
x-cache-hits
1
3411096-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/1/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/1/3411096-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
7f99cfc666f597f0d824cb2af5b4ccebb4438ff6c5c89a74d68db0a286ff62e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 12:09:21 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
348639
edge-cache-tag
206949688423037488139687054862283126910,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
206949688423037488139687054862283126910,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
7480
x-request-id
3c99bf658c818ff2fe6c21549f0406de
x-served-by
cache-iad-kiad7000115-IAD
last-modified
Wed, 20 Jul 2022 12:09:22 GMT
server
cloudinary
x-timer
S1658318956.643138,VS0,VE5504
etag
"a3e099e2e9dae1c33bd3296612b2d624"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
2VhFoQRIe9S1RSS7AACTdTTbS8JccTnwzx7q6imzQTlF9eJ8p2esuQ==
x-cache-hits
0
3379008-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/3/7/9/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/3/7/9/3379008-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
0791a886f260dd4dd927c3195dcd2fe6020d2e331b012e23b303b5e65b1befb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:41:45 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
80295
edge-cache-tag
218677924970983744725329367815461782087,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
218677924970983744725329367815461782087,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5999
x-served-by
cache-iad-kiad7000097-IAD
last-modified
Fri, 29 Apr 2022 11:57:41 GMT
server
cloudinary
x-timer
S1658587305.969788,VS0,VE120
etag
"4e58aeb1b327be1342e268a9152da414"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
HyKHxli-nfet8SrYukDKpmqE9OU8p-n4_3x9HDZhj8gB22jpLv4HZQ==
x-cache-hits
0
3412508-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/2/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/2/3412508-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
5bf509ecdef069f051b5c072cbd91fdce5df8cd8fdd32ce8e57f6d9245636d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:42:58 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
80222
edge-cache-tag
210056900422842705201564108980565576403,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
210056900422842705201564108980565576403,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
4436
x-request-id
6b5fb74bbc5af89838b2d123616a7eb8
x-served-by
cache-lga21973-LGA
last-modified
Sat, 23 Jul 2022 14:42:59 GMT
server
cloudinary
x-timer
S1658587374.931799,VS0,VE4365
etag
"2ca02164f52c03728c5fdd7e93a47526"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
GGEjXay5rSTnBMK7xqlrXdlP4DdYXkbX8bisc3fkYnJ2av-7iBUkjg==
x-cache-hits
0
3412556-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/2/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/4/1/2/3412556-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
9c0c3c81286fcacd652bc70b788af7de04ce5ad41fea7835d40fb4f266a6e765

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:44:30 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
80130
edge-cache-tag
395252715540189280930633529230859152574,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
395252715540189280930633529230859152574,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
2304
x-request-id
70955984f70668006b8fd3accc643a55
x-served-by
cache-iad-kiad7000021-IAD
last-modified
Sat, 23 Jul 2022 14:44:31 GMT
server
cloudinary
x-timer
S1658587466.062998,VS0,VE4682
etag
"6ed921d3ed7631beca97d88b950db5e8"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
tirejEqNjBHhdeyBd_3adK_BQ1qLEx7yyl5orp94-jsIlcz2TJQOaA==
x-cache-hits
0
3279393-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/2/7/9/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_200,t_54/3/2/7/9/3279393-46.jpg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-74.fra50.r.cloudfront.net
Software
cloudinary /
Resource Hash
f82903ee891c5531102f6e8f78466541e7d68aa4d668820d894dc9d6a6afb398

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:45:17 GMT
via
1.1 varnish, 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
age
80083
edge-cache-tag
400562428528386775667701931140198619869,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
cache-tag
400562428528386775667701931140198619869,271049015777213030236564670234258799301,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
3518
x-request-id
3fd56cc576b52d44dbba30d954f515e6
x-served-by
cache-iad-kiad7000171-IAD
last-modified
Sat, 23 Jul 2022 14:45:18 GMT
server
cloudinary
x-timer
S1658587513.247965,VS0,VE4404
etag
"4da38f3fbd34f899fe7bc15250404be9"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
HMebtWQ4f_I4W4kKaiBNP8mqkDPU71b6LZ28QSxK6avsUmJBUIy1Fg==
x-cache-hits
0
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=zahav.ru&p=%2F&u=BeojsZBwPGvOFs_aC&d=salat.zahav.ru&g=20047&g0=%D0%A1%D0%B0%D0%BB%D0%B0%D1%82&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5279&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=756&t=L19fLD-ODUzCNaWhnDKnSYtCS48Bd&V=136&i=Zahav.ru%20%D0%A1%D0%B0%D0%BB%D0%B0%D1%82&tz=0&sn=1&sv=DNAsaIC2-9DTD3grj2DYAaRbBsWs98&sd=1&im=061b2fff&_
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.205.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-235-205-35.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
zahav.js
pogoda.co.il/widgets/partners/ Frame 7F33 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pogoda.co.il/widgets/partners/zahav.js
Requested by
Host: pogoda.co.il
URL: https://pogoda.co.il/widgets/partners/zahav.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc010d885e0099b26383a796194c1859190aafa47f2e4a955a180d968f1d5d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pogoda.co.il/widgets/partners/zahav.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 24 Jul 2022 12:31:07 GMT
server
cloudflare
etag
W/"19f3-5e48c3dcfc1ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzTSKyewn3RHT%2BuyHNeMk0FQnfmxavl6I3T4ROawrwUWBJRpO%2FMGFUUOHdOXjQxkq7%2FK4d4AVtJN6OW5Qj%2Buricirmgv9C92mjXMm5GoJaOFmdqffSfTPtBSyP%2BKS5aK7B9%2BlODzmGRJPjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
72fcd61a3dd99016-FRA
expires
Sun, 24 Jul 2022 13:10:56 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ Frame 7F33 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: pogoda.co.il
URL: https://pogoda.co.il/widgets/partners/zahav.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://pogoda.co.il/
Origin
https://pogoda.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
72fcd61a6e1f693d-FRA
c2FsYXQuemFoYXYucnU=
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/c2FsYXQuemFoYXYucnU=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:01 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=37045
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
88b12f332eb24f2f3a04d9981f2724c9
Content-Length
16
Expires
Sun, 24 Jul 2022 23:17:26 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Tue, 23 Aug 2022 13:00:01 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-73.fra56.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:32:15 GMT
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
2597
etag
"61b8b8ab-1090"
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
4240
x-amz-cf-id
otxTV4tSJkFpVcz5eJmNrhmeLVCMS2AuixJNHj5REYlzt_MOEcw1Hw==
expires
Sun, 24 Jul 2022 13:16:44 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
c9695b6a5395bcde3e07b63a72772ca2b69d329adb4d3d8d575011cde08ea33f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:33:01 GMT
content-encoding
br
etag
W/"f234f57fc553f9da199d3493ac95d4ba"
last-modified
Sun, 24 Jul 2022 12:33:01 UTC
server
nginx/1.20.0
age
1620
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
pnmpUE_Qcn9tYPq2mp04sHtU8RBQVtIlI71g8D9AVkYq27ZiRJbU8w==
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7081
date
Sun, 24 Jul 2022 11:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 24 Jul 2022 13:02:00 GMT
widget.js
d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/ 		736 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 00:12:34 GMT
Via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 01 Feb 2018 11:19:16 GMT
Server
AmazonS3
Age
9031648
ETag
"4d15062a4e2290d32a7e395b47be5382"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=29030400, public
X-Amz-Cf-Pop
FRA56-P3
Accept-Ranges
bytes
Content-Length
736
X-Amz-Cf-Id
NIjs-k9ie0CvYodc9WBsBHX-fcuRMcXuJycIDmQGU8EuHFrwUonqSg==
00f2b5fa-5914-488b-95f5-be69e31211ac
https://salat.zahav.ru/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://salat.zahav.ru/00f2b5fa-5914-488b-95f5-be69e31211ac
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
de488121-8b91-45db-b410-d56b39e66f9a
https://salat.zahav.ru/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://salat.zahav.ru/de488121-8b91-45db-b410-d56b39e66f9a
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://salat.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://salat.zahav.ru
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 24 Jul 2022 13:00:01 GMT
server
Google Frontend
x-cloud-trace-context
7f8ef68aa16d1b61bd365946d70c6587
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept
application/json
Referer
https://salat.zahav.ru/
x-request-id
f73b4cc2-283d-4cc6-b73d-b0614bfbba32
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-vad-version
0.7.30
Content-Type
application/json

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://salat.zahav.ru
x-cloud-trace-context
57c774e17f47ff623bb32ae68d930546
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220724
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61fed899d2665d064c8bd29c322821c681dc1c44f6188a73fb831482ae4cb68a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35946
x-jsd-version
1.0.1410
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19178-FRA, cache-iad-kiad7000101-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-45OJTBE3wtyM//Z04ikP3SJEjgs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goaMx4chlP1Y%2FfPckO%2BLUd5f85A5wXQOYZ9uU6%2Baeiklbcgl9Ly3AK7Qr5S83twAw5Jh6qEyF6WO7WQgBvIeMq%2BJ4Dn1i6Pw9MX5UOUrek8ld%2B33pY8ZxyqjDnPRZl5nO1zygyzrJnO2XqVyG%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
72fcd61b1aefbbe5-FRA
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1382409
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqgRXyDVOcPbMP6zE8RZ92tAL2G%2BrDeEqPduQCQYA0FYXr81u81CE3%2FQhCxZ%2FDORDbXE%2BzmBH%2FaNnXgDj4wY6Vq%2FTBqTpqH3y4rXG%2B2zO3Ta6BdG30Lazxz8LDYpHdgGN0F%2FkupUcO9jdbDx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
72fcd61b28549261-FRA
prebid
ib.adnxs.com/ut/v3/ 		607 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
317a78901aba3fcb0994d31e9ad8a7a8f8e79ab3e36bb1ba041831ae15544682
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 24 Jul 2022 13:00:01 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bd5736d8-5fc7-4bc4-94e6-c8505414bfc4
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
arj
u.openx.net/w/1.0/ 		73 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsalat.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b26646c0-ff56-422f-abc5-aec87be14e50%2C410982ed-bc00-4ccc-84c6-e67b262f2ecf%2C3f13f269-3187-4ff3-9666-a280aee95f0d%2Cdc00df4a-312d-455f-8ddb-ac210184f34f%2Cbe5197df-ebc9-4ca9-986b-9b49f7998395&nocache=1658667601112&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%2C970x350%7C120x600%2C160x600%2C300x600%2C300x1050%7C120x600%2C160x600%2C300x600%2C300x1050%7C120x600%2C160x600%7C300x250&divids=adSlot-1%2CadSlot-2%2CadSlot-3%2CadSlot-4%2CadSlot-5&aucs=43010785%252Fzahav%252Finnerpages%252Ftop_desktop%2C43010785%252Fzahav%252Finnerpages%252Fskyscraper_desktop%2C43010785%252Fzahav%252Finnerpages%252Fskyscraper_desktop%2C43010785%252Fzahav%252Finnerpages%252Fskyscraper_desktop_menu_down%2C43010785%252Fzahav%252Finnerpages%252Fmain_rectangle_desktop&auid=544104786%2C544104786%2C544104786%2C544104786%2C544104786
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
0ba1d900a333c483b142d186c7a6158dc89d909548886d7c878419397031e2e7

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://salat.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://salat.zahav.ru
date
Sun, 24 Jul 2022 13:00:00 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
fastlane.json
fastlane.rubiconproject.com/a/api/ 		362 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Finnerpages%2Ftop_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=b26646c0-ff56-422f-abc5-aec87be14e50&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Finnerpages%2Ftop_desktop&slots=1&rand=0.9805424192631622
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5e0193ce34cbadb5876a149e44a5cf4844f3ff897034b6e67127e7b395754977

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
362
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8%2C10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=410982ed-bc00-4ccc-84c6-e67b262f2ecf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.5556710458727385
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
15e381ebe83f7072ae67473ceb1a2aab6d90aad977285f6f13e092b256341423

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
371
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		371 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8%2C10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Finnerpages%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=3f13f269-3187-4ff3-9666-a280aee95f0d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Finnerpages%2Fskyscraper_desktop&slots=1&rand=0.4963414717142334
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e10cd660b15acaf2d6f6cd2d38cf042b4d2a724bb62f51c6bb75c1ac85b193ba

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
371
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		375 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Finnerpages%2Fskyscraper_desktop_menu_down&tk_flint=pbjs_lite_v6.14.0&x_source.tid=dc00df4a-312d-455f-8ddb-ac210184f34f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Finnerpages%2Fskyscraper_desktop_menu_down&slots=1&rand=0.16627834539581143
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
aa6370e17335c4acdccdf146e0884e4a7d1b619ce0659b1dd52f5b191179686b

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
375
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		351 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Finnerpages%2Fmain_rectangle_desktop&tk_flint=pbjs_lite_v6.14.0&x_source.tid=be5197df-ebc9-4ca9-986b-9b49f7998395&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Finnerpages%2Fmain_rectangle_desktop&slots=1&rand=0.5108907033147343
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a68cf86fec22694c8244ff9665ad817844d2dc8de3036c907df3383cbba8a719

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
351
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		18 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.14.0&cb=86300223539
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Jul 2022 13:00:00 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://salat.zahav.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
c095e8bb2c4bd17bd3b580faf8ac411551b1bc9751bc6774290755046cc16f4d

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://salat.zahav.ru
Date
Sun, 24 Jul 2022 13:00:01 GMT
Content-Encoding
gzip
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/json
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		588 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=884397063421171&correlator=211677552822631&eid=31068409%2C31068252%2C31068367%2C42531606%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=43010785%2Czahav%2Cinnerpages%2Cprestitial_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=4143402420&sfv=1-0-38&ecs=20220724&ists=1&fsapi=false&prev_scp=slot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D307%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658667601131&lmt=1658667601&dlt=1658667600247&idt=437&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsalat.zahav.ru%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=640&ohw=0&ga_vid=184288646.1658667601&ga_sid=1658667601&ga_hid=1520544109&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
93928f8b02f431a0a4ca5f36c894632b40ea82b31e3afb4ae24842b75f2bd3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
312
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E781 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
expires
Mon, 24 Jul 2023 13:00:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
informerData
pogoda.co.il/a-panel/ajax/ Frame 7F33 		0
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pogoda.co.il/a-panel/ajax/informerData
Requested by
Host: pogoda.co.il
URL: https://pogoda.co.il/widgets/partners/zahav.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pogoda.co.il/widgets/partners/zahav.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSlRSqYOm2evLXXG0LpopcE1MLPMqEmEcXRvjRsBqJK3KzkxKnP5BWKU9X8VjHpQtZUaapLQYlb8LKvlAWVvKBZBqjxbp9zFHkmJJ5Ee4mm%2FtaROIbLm2ow8iDbjU2ySG%2BMzYmF4mclPTvU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-ray
72fcd61b2ca39b83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
Z_De6xFj_yn.css
static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/ Frame 502D 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/l/0,cross/Z_De6xFj_yn.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fzahav.ru&tabs&width=300&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a914169751b5d6be1f49ee6ffa75344678d49590fc7274458d337448f3202da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tPF4nfpgZgZG/uCQ2Jfu+A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4907
x-fb-rlafr
0
x-fb-debug
aPnbCx1zIPrq679sahy/cAyRyYbZ/i1hieRH4Ff8EkBo9meRPW5vLRyhU+VgvpjpR/UuUBgj8WemOmT2Ze2F8Q==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 24 Jul 2023 04:44:33 GMT
iframe.css
date.zahav.ru/css/ Frame E554 		939 B
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/css/iframe.css?v=514
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jul 2020 07:11:49 GMT
Server
nginx
ETag
"3ab-5a9d4b4718cac-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
436
Expires
Wed, 19 Jul 2023 13:00:00 GMT
online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame E554 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:00 GMT
Last-Modified
Tue, 06 Feb 2018 06:51:18 GMT
Server
nginx
ETag
"5a795066-3f1"
Content-Type
image/png
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1009
Expires
Wed, 19 Jul 2023 13:00:00 GMT
tb_03f4hmdemv.jpg
date.zahav.ru/photos/92/2092/10772092/ Frame E554 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/92/2092/10772092/tb_03f4hmdemv.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
28b85e0edaf7df1b1c0ef9e28b6dde14c95340e80476f3b51f3650be645e9201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:00 GMT
Last-Modified
Sun, 05 Jun 2022 21:57:53 GMT
Server
nginx
ETag
"629d26e1-1799"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
6041
Expires
Wed, 19 Jul 2023 13:00:00 GMT
tb_jwqjaaosvh.jpg
date.zahav.ru/photos/69/3269/10193269/ Frame E554 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/69/3269/10193269/tb_jwqjaaosvh.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
645af482628978e85ad44889c7e8fe1bcbde15c054c061babafd435a0a9d8de4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:00 GMT
Last-Modified
Thu, 17 Feb 2022 18:34:35 GMT
Server
nginx
ETag
"620e953b-11cc"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
4556
Expires
Wed, 19 Jul 2023 13:00:00 GMT
tb_u81c12ns92.jpg
date.zahav.ru/photos/110/1710/5796710/ Frame E554 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/110/1710/5796710/tb_u81c12ns92.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
35e01e133666a5a4c960e10f1dbd418ea9015fc03fdc760f6713c69a810633a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:00 GMT
Last-Modified
Sun, 03 Jul 2022 18:48:45 GMT
Server
nginx
ETag
"62c1e48d-136a"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
4970
Expires
Wed, 19 Jul 2023 13:00:00 GMT
tb_y9ip6a9cc9.jpg
date.zahav.ru/photos/154/4154/299154/ Frame E554 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/154/4154/299154/tb_y9ip6a9cc9.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
bceca3a77c72bf2cb182849e0298143df3931fe1251adc2d4cd2be1b75d9085e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=503&lang=rus&geo_select=44&icons=gray&tid=503&hot=1&new_window=1&cols=1&rows=4&size=1&show_info=1&static_online=1&width=160&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:00 GMT
Last-Modified
Thu, 28 Nov 2019 04:32:59 GMT
Server
nginx
ETag
"5ddf4dfb-155a"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
5466
Expires
Wed, 19 Jul 2023 13:00:00 GMT
d000_70.png
pogoda.co.il/img/pogoda/ Frame 7F33 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/pogoda/d000_70.png
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pogoda.co.il/widgets/partners/zahav.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21266
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2240
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"8c0-5c48c6f572180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylHq4z6RLVUs89n6xRWI0RxqbDIXY3zKMj7dlUXdp%2FbSKRPUUPkP6J9j3NjtHLBdOIoCeSV9HhA%2FLKAbl%2FoUBjSEAJI90lKRkFBy5SOaDfV7ti1R99MxQ30ip1lEBrvdEtIGijwjedjrt94%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
72fcd61b7d229b83-FRA
expires
Tue, 23 Aug 2022 07:05:35 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 19:50:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 19:50:44 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Tue, 23 Aug 2022 13:00:01 GMT
rum
pogoda.co.il/cdn-cgi/ Frame 7F33 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pogoda.co.il/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://pogoda.co.il/widgets/partners/zahav.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
application/json

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://pogoda.co.il
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
72fcd61b7d319b83-FRA
vary
Origin
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1382345
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx8490077081374c9193f44-00629f4bd5
x-amz-id-2
tx8490077081374c9193f44-00629f4bd5
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4q7eu%2Fdw7MVEnjSIfH4xFqtn12eDTyvZslIBQ4pyXQLZR%2F%2Ff3OUEBhUbkZ1s9tSAoh0yQ25me8CoC5iQCkCv9P4lDGZXg4HJ1WRNizbeWFK8QDqxIYdQCUFySRLBgKkCSLx17Vq65L8IohKR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
72fcd61ba9989b45-FRA
access-control-allow-headers
Authorization
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1520544109&t=pageview&_s=1&dl=https%3A%2F%2Fsalat.zahav.ru%2F&ul=en-us&de=UTF-8&dt=Zahav.ru%20%D0%A1%D0%B0%D0%BB%D0%B0%D1%82&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1742255026&gjid=1649287653&cid=184288646.1658667601&tid=UA-4780630-1&_gid=1916604735.1658667601&_r=1&gtm=2wg7k058RVJLV&z=1510613554
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget.js
d221oziut8gs4d.cloudfront.net/ 		0
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d221oziut8gs4d.cloudfront.net/widget.js?id=19762624&secure&9214820
Requested by
Host: d2xerlamkztbb1.cloudfront.net
URL: https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.193 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-193.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA50-C1
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=UTF-8
Via
1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
X-Amz-Cf-Id
JOj4HfcNd9f104AOvWXe1SgC0O0MnJE0BSe8yd5ScRrW53_qYGLFvw==
d000_70.png
pogoda.co.il/img/pogoda/ Frame 7F33 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/pogoda/d000_70.png
Requested by
Host: pogoda.co.il
URL: https://pogoda.co.il/widgets/partners/zahav.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pogoda.co.il/widgets/partners/zahav.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21266
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2240
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"8c0-5c48c6f572180"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSUirbaNmIwEWhKDq9ILBJEyOOpA3JgQTE88K%2BZkHuU7Ws42LNorWX%2F7k%2BtF%2Bq18dh1wwYwAzkPlh%2FV7OlDAwPM4VFaeG4Jhy4h0Pe%2BhcbIPlPVY6z3IDtz08Ewxg9BNlTsfVX5T2v5PLFA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
72fcd61bad699b83-FRA
expires
Tue, 23 Aug 2022 07:05:35 GMT
/
c.idealmedia.io/pv/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1658667601249710215815&uniqId=03f50&lct=1658188800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fsalat.zahav.ru&lu=https%3A%2F%2Fsalat.zahav.ru%2F&sessionId=62dd4251-00f53&pageView=1&pvid=182304b0d618e752f9c&site=798910&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72fcd61beb979072-FRA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
579a9d66-ad41-4196-8a5a-fabe11acd57a
https://salat.zahav.ru/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://salat.zahav.ru/579a9d66-ad41-4196-8a5a-fabe11acd57a
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
214
x-amz-request-id
7J95546KJERBM4VA
x-amz-id-2
oTFF7QNDAw5KtJrgxJWxuMDe1e0e0Wo5YiC0ztRP1Q+eXSYcxJV2Hb30hhIDdjKQn+BDLSCOMYc=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
72fcd61c1bcb9072-FRA
expires
Sun, 24 Jul 2022 17:00:01 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://salat.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://salat.zahav.ru
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sun, 24 Jul 2022 13:00:01 GMT
server
Google Frontend
x-cloud-trace-context
35c183e9d52672823d9e669946c038dd
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json
Referer
https://salat.zahav.ru/
x-request-id
9b6860e6-eaac-42da-8c9e-c4c53698d1d0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
x-vad-version
0.7.30
Content-Type
application/json

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://salat.zahav.ru
x-cloud-trace-context
b89ee56005895aa5022e2d777d5e65c3
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		186 KB
64 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=884397063421171&correlator=1686272580770173&eid=31068409%2C31068252%2C31068367%2C44763381%2C42531606%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071901&ptt=17&impl=fifs&iu_parts=43010785%2Czahav%2Cinnerpages%2Ctop_desktop%2Cskyscraper_desktop%2Cskyscraper_desktop_menu_down%2Cmain_rectangle_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6&prev_iu_szs=480x1%7C770x430%7C728x90%7C480x270%7C720x300%7C970x90%7C970x250%7C970x350%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%2C300x250&ifi=2&adks=3393772807%2C232922706%2C232922705%2C1721552188%2C1530192467&sfv=1-0-38&ecs=20220724&fsapi=false&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D307%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D49b33ad3f93bc7a%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D307%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D5012e6b09bd5909%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D307%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D51ab0c6c15a0bf3%7Cslot_name%3Dskyscraper_desktop_menu_down%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D307%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dmain_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dmain%26vertical_id%3D307%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D528588ce78c49c5&eri=1&sc=1&cookie=ID%3D7c3aea37c07f289f-22e18bd0d8cd0044%3AT%3D1658667601%3AS%3DALNI_MYmd5TIR3v6VzVT5Cr7H9s_pRA44g&abxe=1&dt=1658667601319&lmt=1658667601&dlt=1658667600247&idt=437&adxs=315%2C1480%2C0%2C315%2C985&adys=15%2C0%2C0%2C1552%2C78&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C0&ucis=2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fsalat.zahav.ru%2F&frm=20&vis=1&psz=970x0%7C0x-1%7C0x-1%7C160x0%7C300x0&msz=770x0%7C120x-1%7C120x-1%7C120x0%7C300x0&fws=132%2C644%2C644%2C132%2C132&ohw=970%2C0%2C0%2C160%2C300&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=184288646.1658667601&ga_sid=1658667601&ga_hid=1520544109&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
735c58ee6fccefbac6a168403deb38170083705ff94e5457c7005e1afb6ec594
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvRuanKkfkCFWnGuwgd368HAA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15422582990587932682/160x600_EN/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvRuanKkfkCFWnGuwgd368HAA&gqi=&layout=/sadbundle/%24csp%253Der3%24/15422582990587932682/160x600_EN/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1,-1,-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65148
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
date
Sun, 24 Jul 2022 13:00:01 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsalat.zahav.ru%2F&idx=0&rand=2729&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=15&vpd=0&cw=1600&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000823&sig=fWSwTE0V&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsalat.zahav.ru%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cb0cac59cafcfa2cd1e57653986d3f1be16f913ff0fa8cc0343822bd7dff3aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1658667601.382966,VS0,VE104
accept-ranges
bytes
x-served-by
cache-lga13626-LGA, cache-hhn4046-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
79b82af212edfa56c668c26511ca0e1c
content-encoding
gzip
content-length
858
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=184288646.1658667601&jid=1742255026&gjid=1649287653&_gid=1916604735.1658667601&_u=YAhAAEAAAAAAAC~&z=878015075
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 Jul 2022 13:00:01 GMT
content-type
text/plain
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		103 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6962&url=%2F&charset=UTF-8&ch=13&ref=salat.zahav.ru&viewerId=null&referer=&_firid=56150519
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
eb51cd9aa2f7045cbaf18d6f211e0018f379c29cf9d8de114828929b56696c17

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
access-control-allow-origin
https://salat.zahav.ru
server
nginx/1.20.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
BNq_QMF_AUTikQIMli-9y2YTolUAkEs0MZAcz9ArFH0zG8LdEpg67Q==
expires
0
1
servicer.idealmedia.io/1297439/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1297439/1?pv=5&cbuster=165866760134051806267&uniqId=03f50&lct=1658188800&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=586&cols=1&ref=&cxurl=https%3A%2F%2Fsalat.zahav.ru&lu=https%3A%2F%2Fsalat.zahav.ru%2F&sessionId=62dd4251-00f53&pageView=1&pvid=182304b0d618e752f9c&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cd27de2bd830715518dee2d1d3c81f83836ca247c59871e11f80d8c8e099691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
72fcd61c7c509072-FRA
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1658667601341&sessionId=4e009697-d4a2-d5f4-ec36-5077020b7515&url=salat.zahav.ru&cheqSource=1&cheqEvent=3&responseTime=326
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
711e071cf4c5d241ff824b47cb75ceec
Content-Length
4
Expires
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=184288646.1658667601&jid=1742255026&_u=YAhAAEAAAAAAAC~&z=472099988
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=184288646.1658667601&jid=1742255026&_u=YAhAAEAAAAAAAC~&z=472099988
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTUyMDAxL2FkZDY2ZDNmZTU1MzNkYTZkMjJhM2JlYzQwNGZmNTNkLmpwZWc.webp
s-img.idealmedia.io/n/10168368/492x277/0x0x600x337/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10168368/492x277/0x0x600x337/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTUyMDAxL2FkZDY2ZDNmZTU1MzNkYTZkMjJhM2JlYzQwNGZmNTNkLmpwZWc.webp?v=1658667601-xnUxL8qLZMEfeuJcznuCj0nLETxwmkJKrKEzeTQUqlg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ecb4dcce240cb5b5e725e285667fa590b7f49a0fcad3403c63943f0d2f3ae4d

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Thu, 21 Jul 2022 16:14:50 GMT
x-mg-request-uuid
3d40b601-73a7-4a98-8529-a7e6e444a6a7
age
74332
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a4c690a-FRA
content-length
18878
server
cloudflare
expires
Sun, 24 Jul 2022 16:21:09 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzcxODY0OS82NjJhNDhiMzVjNWVhNmE1NDg0OGYyYmExZTFjY2I5NC5qcGVn.webp
s-img.idealmedia.io/n/10168619/492x277/23x0x855x481/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10168619/492x277/23x0x855x481/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzcxODY0OS82NjJhNDhiMzVjNWVhNmE1NDg0OGYyYmExZTFjY2I5NC5qcGVn.webp?v=1658667601-fVjfncPySFyZW3zI5E_dqZ72-0sAy4YVO5prDqoeXGY
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0047b9e47197b6e4fc8377caa86fb9736408379bc1a6c1da998c87cc5961bd2

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Jul 2022 07:54:52 GMT
x-mg-request-uuid
93e02e01-5ecf-44e9-989b-289301fcc7d2
age
18162
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a4f690a-FRA
content-length
13186
server
cloudflare
expires
Mon, 25 Jul 2022 07:57:19 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTY2Mi9lYjFiOGJjMWEyNGU4MmM4ZTIwMDg3NDE3YTgxZDNhNC5qcGVn.webp
s-img.idealmedia.io/n/10164715/492x277/0x143x856x481/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10164715/492x277/0x143x856x481/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTY2Mi9lYjFiOGJjMWEyNGU4MmM4ZTIwMDg3NDE3YTgxZDNhNC5qcGVn.webp?v=1658667601-LDkPhHJhlvMl0LwIUIxAUDJDRcFgAXRc9mwRo_AfWXE
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f413856ff75bc4ed694c009a64bb22a4690ae4e94b1224c5cb890f848f8e374c

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Sun, 24 Jul 2022 09:19:55 GMT
x-mg-request-uuid
f4348945-b037-418d-ac98-b468239aeb03
age
13185
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a51690a-FRA
content-length
14348
server
cloudflare
expires
Mon, 25 Jul 2022 09:20:16 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTUyMDAxLzcwYjdmNjNlMDIxODNlNTEzNTNjNjVlYjg2MTNjNjc1LmpwZWc.webp
s-img.idealmedia.io/n/10063426/492x277/64x0x640x360/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10063426/492x277/64x0x640x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTUyMDAxLzcwYjdmNjNlMDIxODNlNTEzNTNjNjVlYjg2MTNjNjc1LmpwZWc.webp?v=1658667601-j_p4m4BYkoPw4g77ULwdLVw64lNLGi8TctRTr11gDEo
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09ba7991a0f0d3e029beaa9c2e96a733a57bce30a35bd41a9aaf252b878aeff3

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Sat, 23 Apr 2022 08:21:56 GMT
x-mg-request-uuid
7d1346ea-ecf6-471f-b987-a9399ae3bd94
age
44305
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a53690a-FRA
content-length
17632
server
cloudflare
expires
Mon, 25 Jul 2022 00:41:36 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNzIwNjIzL2UwMjJkMjQxYzUxYmU2NWEwNmVkNGYxZTAwY2FiODYxLmpwZWc.webp
s-img.idealmedia.io/n/10167070/492x277/0x37x1347x758/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10167070/492x277/0x37x1347x758/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNzIwNjIzL2UwMjJkMjQxYzUxYmU2NWEwNmVkNGYxZTAwY2FiODYxLmpwZWc.webp?v=1658667601-OcRj3hmdVdRRyFCxMoc8DcEgsK0bR1An5qBdRgIApac
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a0ec47b9217be8ac6ebb13b10444bab66068ee7518acba1265c83e5182ef759

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 15:24:49 GMT
x-mg-request-uuid
6af8720c-955f-4a12-879f-dddc6ede3a97
age
77646
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a54690a-FRA
content-length
10038
server
cloudflare
expires
Sun, 24 Jul 2022 15:25:55 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTA5MTUzLzAyYzM2YWYyMjBiMjhkOGU2MDYwM2QxZWQ5OTNlYmE3LmpwZWc.webp
s-img.idealmedia.io/n/10165801/492x277/208x0x945x532/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10165801/492x277/208x0x945x532/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTA5MTUzLzAyYzM2YWYyMjBiMjhkOGU2MDYwM2QxZWQ5OTNlYmE3LmpwZWc.webp?v=1658667601-JMnf8EKvZU72JyGsNDFiw-Dkiy3iTEgr9-Fa5wqnSAQ
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17602e8e7a9b133730e25188ceb9d5e579dac68e5fc5946c5da727d783dcbcb

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Tue, 19 Jul 2022 10:34:51 GMT
x-mg-request-uuid
72f5df7a-da36-4b2b-a943-1cb8db1504ec
age
6986
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a55690a-FRA
content-length
13168
server
cloudflare
expires
Mon, 25 Jul 2022 11:03:35 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNDI3MDI0LzYyZWRlY2MxYmZkNzkzYmFiNjkzYzE1ODhhZmQ5NzJmLnBuZw.webp
s-img.idealmedia.io/n/10153508/492x277/0x0x579x325/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10153508/492x277/0x0x579x325/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNDI3MDI0LzYyZWRlY2MxYmZkNzkzYmFiNjkzYzE1ODhhZmQ5NzJmLnBuZw.webp?v=1658667601-bZVn4YfnEuGykV95JAB6kU13HKqSRbmKmrcAevfnHfQ
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca1b59edad594c473406b0d8c86ae35a4bced3eaaef9935f0012b90eb5ff62c0

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 18:26:03 GMT
x-mg-request-uuid
73817395-57f3-4af9-bc79-b2d29eb6d644
age
25620
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a56690a-FRA
content-length
6090
server
cloudflare
expires
Mon, 25 Jul 2022 05:53:01 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTUyMDAxLzVlNjUwNjYyOGJiZjM0ZDEyZDg1Nzk0NDU4OGI1NWFjLmpwZWc.webp
s-img.idealmedia.io/n/10164857/492x277/15x0x538x302/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10164857/492x277/15x0x538x302/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvNTUyMDAxLzVlNjUwNjYyOGJiZjM0ZDEyZDg1Nzk0NDU4OGI1NWFjLmpwZWc.webp?v=1658667601-YgkszdCngZYTS9IgrTjMPSdSe-dF3BS8T_I3yympfVA
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48e75addbeb7a3b67f24e1f77a8d9de5e11baffd15195ca582fe9d943c20a4f6

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
HIT
last-modified
Mon, 18 Jul 2022 11:10:21 GMT
x-mg-request-uuid
5b4898ac-8962-4a83-a231-3309f501b3c5
age
3037
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
72fcd61d0a58690a-FRA
content-length
5738
server
cloudflare
expires
Mon, 25 Jul 2022 12:09:24 GMT
i.js
cm.idealmedia.io/ 		0
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i.js?&cbuster=165866760140475883565
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Jul 2022 13:00:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
72fcd61cfd089072-FRA
content-length
0
i-noref.js
cm.idealmedia.io/ Frame 94F5 		0
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=165866760142083547788
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
MISS
last-modified
Sun, 24 Jul 2022 13:00:01 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
72fcd61cfcfc9072-FRA
content-length
0
counter.php
autocounter.idealmedia.io/autocreative/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=798910&pid=64786&referer=&cxurl=https://salat.zahav.ru&undefinedh2=CBvd3SiXK6CDlaashqQY2B-LAifAvcAwR1nWkedwnPI*&cbuster=1658667601420247315561
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72fcd61cfcff9072-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
prebidamp.js
ecdn.firstimpression.io/static/js/ 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:34:36 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
1525
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Xmav9iCrdmCKYggCCzZkufc4NIFS3uJ7IcK0DfjWekrhacmLZ_Obnw==
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
expires
Sun, 24 Jul 2022 13:34:36 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
8874
age
12685
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-hhn4071-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL%2B2xkzfWKhHMn4CJfclNeuXn%2FpV7Hn3ppyH7n0dnAzFstPgZu%2FliP5DiQbEV2yCD0eKrbzF1y6bT%2F8va3L69FzvnD1oEiC6T6HEMgMo%2FvxoQrd6oExaVcJ9d7E1THgVMcEge9sSApzu44rnNKE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
72fcd61de8e05b3e-FRA
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=a9949624f0959921eded02901feabbce_73087_1658667601441&tm=557&eT=6&wRV=2000823&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
X-TraceId
76b34d32326cbcc998da7fb7766ff9a5
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
get
odb.outbrain.com/utils/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fsalat.zahav.ru%2F&idx=1&rand=46365&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&t=YTk5NDk2MjRmMDk1OTkyMWVkZWQwMjkwMWZlYWJiY2U=&adblck=false&abwl=false&px=985&py=1409&vpd=209&cw=300&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000823&sig=fWSwTE0V&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fsalat.zahav.ru%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52e06b46aa5a7d6df691720c8f4f437d3156cf418d0325cfabf92110a1561831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1658667602.577465,VS0,VE231
accept-ranges
bytes
x-served-by
cache-lga21972-LGA, cache-hhn4046-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
218a6a6b46d009dc8c39f98ae085bf3b
content-encoding
gzip
content-length
11674
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 58CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
expires
Mon, 24 Jul 2023 13:00:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A3C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
expires
Mon, 24 Jul 2023 13:00:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F72 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
expires
Mon, 24 Jul 2023 13:00:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9918 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
expires
Mon, 24 Jul 2023 13:00:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8917 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
expires
Mon, 24 Jul 2023 13:00:01 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
last-modified
Sun, 03 Jul 2022 06:49:40 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1656855979.262924"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7090
expires
Tue, 23 Aug 2022 13:00:01 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=18c015fcd246a7a8e54fae6fdc506c62_73087_1658667601751&tm=803&eT=0&widgetWidth=300&widgetHeight=322&widgetX=985&widgetY=1955&wRV=2000823&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=241&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
X-TraceId
08ed926aac0d125c8c324f9b28ecb0bf
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
streamFeed.js
widgets.outbrain.com/nanoWidget/2000823/module/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000823/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a49a38f404f63572d741df77e06dff826e77966d0d6d100a5ac5465865de7b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
last-modified
Sun, 24 Jul 2022 05:14:07 GMT
server
AkamaiNetStorage
etag
"902bcdb66ed3e0b6dff0ab5172daaea6:1658643340.006236"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
14068
expires
Sun, 24 Jul 2022 17:00:01 GMT
eyJpdSI6IjdlNjM5NDNmZjk1MjRmNTM5MzA5MmM3OTRiMTBlNDViNTY3ZTFmNWJjYjRkNjk1NzJlMDk4Y2E4OWQ5MWQ4YTUiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdlNjM5NDNmZjk1MjRmNTM5MzA5MmM3OTRiMTBlNDViNTY3ZTFmNWJjYjRkNjk1NzJlMDk4Y2E4OWQ5MWQ4YTUiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bae47f05fab735e5ccacfdd509725f17024d181e1a7208066b02df25ad3149f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
last-modified
Mon, 04 Jul 2022 15:02:58 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=806012
access-control-allow-credentials
false
x-traceid
5f852ffc1a04f784b2eb9fbf353cf700
timing-allow-origin
*, *
content-length
5210
eyJpdSI6IjkzYWU5NDZmODBiODNjYjNiNDBmZjIyMjE1NDUzMWRjNTYxNGJjMTZiMzQwYTVlMjZlMDQwYTVmNzdmMzVkMGIiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkzYWU5NDZmODBiODNjYjNiNDBmZjIyMjE1NDUzMWRjNTYxNGJjMTZiMzQwYTVlMjZlMDQwYTVmNzdmMzVkMGIiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2ef051b98b84d82fe51a9468dddd00e020d78b74e9f504f02a27a480be97ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
last-modified
Mon, 18 Jul 2022 09:12:25 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1930445
access-control-allow-credentials
false
x-traceid
0b3fa5667aebf6a31c8a43e9ed81623f
timing-allow-origin
*, *
content-length
5562
eyJpdSI6IjM2M2FlZWE1YjEwNDI0YzM0MWQ0YTgxNDJjYTBiOWYzODRjODlhNTg4ZjU5NzExZmE1ZjZkYmE1ZTJhY2JjOTYiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM2M2FlZWE1YjEwNDI0YzM0MWQ0YTgxNDJjYTBiOWYzODRjODlhNTg4ZjU5NzExZmE1ZjZkYmE1ZTJhY2JjOTYiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eadf1686562c30358f0213b47326487c7ef7daa97b57ec5f9090e9a3bf70fbbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
last-modified
Tue, 19 Jul 2022 13:20:02 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2031663
access-control-allow-credentials
false
x-traceid
a14bf662eded4085749697d854498232
timing-allow-origin
*, *
content-length
5104
eyJpdSI6IjQwZjlkOWFjMzJiYzMzYmM5N2QwZWVkMTk0Y2JhZDlmZmRmNTVmMmM4ZWRlZGQ5OTA4OTM4N2E1MThkOTkwYjgiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQwZjlkOWFjMzJiYzMzYmM5N2QwZWVkMTk0Y2JhZDlmZmRmNTVmMmM4ZWRlZGQ5OTA4OTM4N2E1MThkOTkwYjgiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7194753094869fd71f108ce1f0e6e8d337435f706e17a4267bae4d9973ba7971

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
last-modified
Mon, 18 Jul 2022 07:17:02 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2107105
access-control-allow-credentials
false
x-traceid
90942cbf532e010b1189663719d6542e
timing-allow-origin
*, *
content-length
4578
get
mv.outbrain.com/Multivac/api/ 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fsalat.zahav.ru%2F&settings=true&recs=true&widgetJSId=SB_1&key=NANOWDGT01&version=2000823&apv=true&sig=fWSwTE0V&format=html&rand=19002&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YTk5NDk2MjRmMDk1OTkyMWVkZWQwMjkwMWZlYWJiY2U=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=1&lastCardIdx=0&fAB=no_abtest&dpr=1&cw=300&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fsalat.zahav.ru%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000823/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3af94dbaf82dcb28d1c9ca2efe079cd98a19b491d6bc8ee5295756a1b6b5ada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1658667602.880497,VS0,VE1098
accept-ranges
bytes
x-served-by
cache-lga21936-LGA, cache-hhn4046-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
cf6d30ac1ff3d3d9c6333d98bebcce3d
content-encoding
gzip
content-length
27056
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2748 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YicvQEwAQ&v=APEucNWJNFERvv9mF_D1Znz_lOPIDZ0Uer_OlQBoEkSyRExWBEcDycZIsG3JzxDpyzGmukV7PeZSC6bywD8InfFwJFqUoXIkwqzJ3brSlZRDwlUCaCxG_iLDHpmw4DfYzsIJRbDnkqDzJxS7lkK1jNqhFRno_WBKyLVJNEOCbyKFhdH0ibgqmWQ
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 58CE 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_CKCrQDzfc1Z3KlOvdeGuYko6bOdTn4XC7F7ShUhHbxcGZcKqsgOaP9ELSvlfuuJvqF2GGO9m13RUzcKiDYN-GQv6JxWjfaTWA4UCWfqUkMvVBOjGvMVMfeJfN84bRIlhUyJG-eGc5K5w_9QAApsUtUOAHw&dbm_d=AKAmf-CsT6pXXCCHAm98j3EMC4Oan7MzZIwqIE6fVM6GhKUTw_vx8yn_6zU-8Msr_pgq1cK4FPXf3hTpwUSiICGjAQ8myTTAb9RoDZZyZqoJd1-GOzEWpDX2B18UUbYGmPKk8-z5g0HrcJY1L_mkvKsZhUdLG97hb0r37MGIJx5A6OI1dCfy4cRBMYzfJMWLOjzSCPlhXeEHPEyuQfam3NJAzKzKSusddxoEMQ05B9rUbdCBy3mkHAAvlvXqOSZG-YOfYnSS16vgomyq89sUkLpclzmmYjr1tBmQTHCa3-6HFk3vBNrsZSovejZri9vt_G7iJa9c3tY1Qr-Q5vkPnryHkdczT24FDReVYOM6EtPwy0702OCtP_64Ny-KPg6jcxSqWg0-P2C3uKHctVVpUBNY9Ra8fPXoR-8r4W_-_ARqCDDmmRYc5bw-UDy07Vz-5o2jsKmWBMBsZ5U4eN_IJTq72seznd11yCpOKPvnVASluvp0lDcBRRBCrkwF0s50ntLDSQ4kqYbaj__42yZJgKcS7r7Y8yPtmBG-KDWaV9JWOATXW6HcQ_xis0-eXbjuAo3bRBlppg5f7rCM6IMZFoeIvlCT9H9CanfW4I94BcOug_FH6Xskne9_gc_IE8P28ZgAO8OF4GUTz05ZqlYzHYku9TYm7qfXB2ul1cBZMk_iEW1_ZXjMDiHo53NVNyC9jlxHGInC5VOZaI3oScgUlzGIJ9BO4ARsLN2Gxhdum30AeEn74-7Mly35ESBsQ1Kd_Xs8vH34qW-Qt5g4jx6ONmMyGtANterRqZ-MJDlpfP0pMIoZ7yZU7DBjB2ThKiSG7VlBTEvv1nvIRxc4tgzsG9DReXEaE3hxtEG5ddzErL6_z_s9dEXEEOTcPOsKrEkZ2H9IxAr014yUzA6a3wmGLwXVnMdPDxMcEW_ABPat8fGNuHwCDIoizMykXDAGnegVV0jxN3RhSOqqMsnLQJVrTbMpziQ4C8PPwk1X1b5Kyn3oTLC6hShVi8gVxPZaRkgWG93Gg6AKZ2DJbJXa8WDIvcT_1Zzn14Kp7NtvINN8xVa7kvE3QnIPtBkIwNwDCjrJVg6kmCpK7SSn9um2KM2OGvyyNmshUQQONP91dRu8lDzGuNd0UdGprVgRz_NmEHYD8iFWCOBCckGoFzbIFJhF6Zw4IDrd2uKJhfG--LYN_F3zBTbdj4VqQD1EsBu3er75noJFICZ5UZFvduAIqq9J57WopV3aAsiGtBsKzu5oCC5aGXIloWPDo6bKE2hu4C2BDW7nXbvPrQP1MIY6CQDxLdDuc31oVoYH2ck3jU9N-WSAryADecifSHmi3REZChtYUqgQUAUfUePevdAVKyOsG3nHdFgiDCxGv3-gsqnw89-xgQWx3oYQEQrh8ivJ9lhwxGrUlNztK4vCtLPFoaPQU6aSO0Qne1LVsx4k0EKgPr-iTQoXeQwUL1UscUX2Mscgse48tY5TDFB4Z4hHBoQPreYwjsme2AGG0xnxagdtwkWhMEW8yBS6U5XfvQRG6toz06yOZ7BVNNLK3BXPBRx9hUDHKMfE0119Mf9hnbqQ6vXVly1dVCrLYCM9joFVnhPRJRMTGIaWqusoTgM5mE3r__r61StgQceuJF_fNvM0G1K2tanyCdPltxLLYiBJh7ZRlNN3YDA4UbQXTqDyFF4z0DglnnoC9td_FpDHdlLsJ9-kheWC6Ax-1Ic3PKFEPBRAg25BGxMGLrclZXMEDUq_3dg_qjln4YeaL7dJKNzPIzEKVp_jRXg0StlhwU-GSTvYYzbS2W4bGJYt6hUqKC218Cbff_Fa9Ot0rx8QokqHjmxdIswYJFVwFDeDW9VM0IYsthLlhoRem6QgvV2CwyR_7IJMKuPrCLQnZPR9c3M3TaOG_1ARaQu6GJQC-8SSg0s4bNq03VhMOR1vunYNCeRLpOiEvT6wGINQR5VTZnfVBu7dG5tVckWu1J1mQAu1whR_Ts8WOGUr-sr3zjIA1xnvqoBQl0rD2exGIOQO5SaqfkmxTaAXeEhGZbwOczvCls2DbOMvEoNLlbmDm1pYBszUi4R5n4hNXHblTMoSZ-qh3Ejxc87ge8yM5wE-1k6aJz4qeFOBQQ7koJbbOMebQ5UB_8RESP1lDebH0qqI4uCBTWuLiPQ-_DhhMQSMPHxbj6QvwfH9De2EXjgywZ35ZFXZggK0NUpOnEk2On6pwXm4xXGsGHYiAmF4d770ysBYa1yWgfOo0iUaAnqM_33THUW7vOVQd9DxgWHsicNyZTqYI4X3JtU7ryjIFQZ5M5z3mKt_Oyhykc80u47z7VSoe57SHa7FdmbwNpo7w_MZQTQINUO2ZoMAeZY_SCeigzTcWuQbmgtsttt5dXyi1wnFfNpkCJXQZLD5HXiIiItJh05EHpt82dyM8xtkgaeCnr1zkf0eBUCdjQIUaNMh1qvbaOHaiDtIRFkmQrUoUKtFsf0x9m6kB_bWvMv0VUxmFuVTkCodH3SsqLHSnRrHUYlu9K4M5bErNQsrnh-Od8WJam0Ssp5yhEP2WYqypT9aCHN4NQL6cBQgqBuPOsH5mfIMDugkaoJ7zbxIsbalmrjtqQtoxt-TCmzPDUAA0VEvCxEauqW38nrdNUukA7tJX22MT2VmvZWDHYd4gauzD9Hskv9yCkc5cotJ8pEhY_XryhzUvi5BXvK-LlwHn57shTIgwXbA58u5PObau1iiqL_EDte04jn_NzzzNx4Nq6UEqhGATU3vxpbEtQsZFpUDLRMRpLSO88Kd15BV0RYiZu8FsEn6-KzdK2FwlCK6vhDd0gUsC66MKVh94OnVbyFfdLvtZVZ6nTbNDsaSpH1wGlLoPQ5LvsnOMy0L9TayRvslCGp6_daDa7prXL3YoLCLPtCDv3BzLA5G0Qz-mT5iz_WSI87ht_4PUWAHFQgbtV9AnBBfLS6hYIpOJcF91Xi-RN6TziBAFu8Nw0645HLoD5-a4QuMe9wP4Ne1AD-XE9uQvFItIvLlX9xBh8-5LF5BX_tLfI_TYYI19MChfBIv8Eje6fEYIUunAbS5bWxV-4gSxVu0XjMqpWSAZPR0Ps9ttmY_d-1qwZESEUdHxTLuxRGeB1N2_m_Q_92uDwc1Xll0LWG2ZQoW0wZ02bu0RsFLVhiAAT5trooKFZOopDxvyf7q45O-9F84NTSmKr_cTh_8kRjADL-juPVNkVLN7Gq5txANG6K26N1Y_KxMMqHlZX90mLN-hML23g0n5shFNR7XeY316PyF5lviVgo2trZVEqkz6Rj47zMlAiRvAudvqewEJqv3G3mFaCVTOqk35wPmai9vxzPFJzoJXSANbbBCY1mYtx3cBCpuVUO2Ncd6XSXbK3xdfR-Z2P0DxP6LvdznXaheWHo46B7CsuT4Sv---XtNY3YJkv-hhhPV5rzaGnelE8GpW_XvTx6ePULZ3SKyw5tOcycE5m9qn9owLl7Pe5PtJqrJrSsDT5VMvbyhyWxFMOuZbH0-hU3-LWADscm6I031SRQiTvsnSwj9Je8Y&cid=CAASJORoUtEuIJr7LVukyQzI8ZbaTpmfN_CpKF1FYJ7UdjsttS5Yxw&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ade52bf7b58c936e0f37827e30236bebe18f3f5e27816d3dadeed7465c631d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34744
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 58CE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0dt2f4SwBojmLTgpG-60sodrfXIw4Z6mivuOryCop87AnrgKrSGN5W0uF9CyV5uY8l8zF307Fs30fP0KJwFEpO2qqPaWZ2gEdvTN0-vhM33fynWk
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 58CE 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481225368&pubId=1&placementId=396821589&adsafe_par&bundleId=&dealId=&bidurl=https://salat.zahav.ru/
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.251.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-251-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
51096b09c323b3c37944c61a06af57de405f7354e6c6b7fee2f0455ae039a17b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 58CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:41:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 58CE 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 58CE 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:14 GMT
l
www.google.com/ads/measurement/ Frame 58CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZwPtdRvcigdMDL5nTXK6t3yvUujQkZbx0af3EmCqe5p9rQ3n5MgZohZST1ox-8MGl3aqVjYQ3n1_j8wK0sIliAjUL2Q
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame D2B3 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYr4CcvQEwAQ&v=APEucNVdJZ4l5K1GMI0qhzi2pOpronKkxmJQEEQqfA4HQphWaHKaAxf3qdOUDaDEJRxk17cxSZ3Q8PdkTbjsNo1IlNzAcQOsu3TRDg_D5KxpYEIdvxDBW4W4ClaEf4L-aw2kfi5s8uy8spm_nVRGppAxAsuM-aHq-ci3GSnn9lX5NMktJE5kLpQ
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8917 		84 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANGl0DmY3zuQMsGUKWJifej-zhqlN6vOSnXN7RLbEVqgWotb-2eneyGRXpEnJY8NtRAAJqxIoIFbOuU9J2LrerBhyIxDrF6c_E7_Ch3fCnxEtPYdiiWAanxGsuTCtGaCOImDbNflQ2rE2pQchtUE7tAzxKmg&dbm_d=AKAmf-BogxxTSOHhDPnN_sYj8cuSlIsv34mZK7BC_EQX5fHeGti71WTdfKVkK9sLfZUaLL2XZBs6YcwNqz1Xli6aZmzvF0_-g-dF5N00OJaP1mnzntpVLS1_Nbj6pgyd9qwTko7KaXdFO1zcRtJNqO0tNikeiZCXVFHVkkXqHx0w4H29HNRAie4i9rjBG7ecFXUaZtmFqRnAKYyZ5dZwkMtlTrr3Iq9xYoJWz3wzPvh0z7nz_rp91ZUZOz1BGs85eeKYiOpNzmBUWfObYMa__pYXK5dGrqF-FqJPUhhq1YKVjQoP3WR44Pw1qsi1zibEHKP6VCVmN23S8pDcaMgKOm8yvpHIm7D3Vd8eN81fz9h2ZGL3g_rpg_tkNLv2Kg0njd31pA6qBXx3kU1dHm6K0XNEI9M4CXMGp6taKL-kVlexDGO1sHBoie7srzPeL8nzNxOCApjkp6lt5Z4E3QFBF-9IfHfvXvCWojGcw4kDFg53VFbBSTuZ2shcyQ3GL3zToTSkbg6IazrbtIWTl6J5IQeb8fGEIrG8aHg1Q59NJPzUT2ipd_AVgGx00bxkBGeslTRSc8tdB4phMLe0pYcG5_5l2Kq0SBN5THHCeWag5AtuRYf-VNrrh0c5Kor25Y6qPCaWhoHVucKS_OVlvddwYVE-jCKRnWWekzbyn1fIbR35WFiqOAkbsh9BWyF1ZgHQfZrUUb1c5F4Xwv3FbtVdyVzl_-z3HR84AeN2A6j181VXw_6jpVaDdGgff-t9ACfqCh23BOu1Rr29T8ZlgrWc4PidS9tbk728MLL3OhlH6WvZAxZoKu6v2utXbrty-y3oxA1oA4iQyIGZ5yyq_JaipCXViY3ITNMkZUrwsjRTZJ1ktmjXS72lpdMpAFVblSFVZc8gjdnKjg0diVAy5gfRcz06Y5UwXsIHz9pGJ5107h3BZwH-tvlpDaU2iRsBFIRcoLtVajCmFiB85MPjdVynTUSEkvkgRtxyIuZ-muGCdCSF2LJikpSigfUQ_gh001cKjmqYlXzBeOSaZL8aouMW1p3ppNYCc0M9-k3W2Ci61sdG_okMXs7dGT6Rhg1U8uGFJNCHEfCqKUAvqw1s8RQXR6BOffQjJh4EveTxqY809OQWk8ZvYBOlQUngCy_25rg5sYYAgtu-FjGcKvpV4Bf4D6VPTkX0ui0T-LnmG4AqKs6GYzcI5XSBpcWc40l4oNaxBiqc2BQ-0r1YqoV40-Kd-L9UTW_kr3BuCqO_rHzVIfnmJYrGfpJhNlWZL_MhRUApXusvOVyQgzRuxuaZ5jH-lr-KPW7S6AFl2NhhZDh2YRNpJEvD-eKT0LtpDHd6t6cAHIOUGHBGvG2O8inYuKRJKZhwBzaxQ-pqSmGFhihK3wpfEqANcONXFCac95Tga0pA7uxzPDLU_RGI9_zLIa1A-OCBeheE7rOr-heIpvhe97bOJ-i-5mMR4bMdEokKJuodyLCrxRj7Ba4MVKyGMWcrXtaRzNHbrKrgrqMs2uHIXeYv8KT-y0PRpHuJn6hCEqCKoDaBUsWDwvRCUCp4iA9WEiX1JLubL0kNaI42Hz4fHJVRdQW2msYIeZeEn36b7yLMqgfyrgj_Grr1B-2UV5e5Tmt1GzSbsuvyHf_k_zwkVbCWM98i9IqjtXguBqgg2C-ccCPjKo5u6HYs7_88C66UfK1QNeXaGJScoskO12nBP1xK_oJkauBtJ2hTtWB00ZQyBU_fJTCzNgOGMY2gEN70S0hH07xOcWk7waZ2LLWWyHTAAARRyVx0u6MXg80DMrSwJW9kQMj5Z9iGRF-KSzn8dbWRj2i2IGfu_15zmoEFzpdrjBjzYCJy2OBHEmv8BbLpBRPtqCqIoasbyxQ-9mFogp2FLkYSv3CrD5xl24nDTLt1PjPnH8blcLDL3i8krthhbYluXsiUS6_jyGed51sqJnjndEnGAdqqN2ybgI3kqyVI7cLL8VD2T0BuDSKx4pQY1sZkC5_3n3hI7gOxyXdROcJzzltibetpy6frCCxNcDLmQaH4kSVGRWVWrjSbSw6fT_g6qbnSHx8SasY0ynIWlRoaC8GK-B-xC2az1-Lc-M55aopAwDnFQcNEROooru_ddYcl7mC25vug-XBGvyJ-hSD4wsbUX6t-DXEt0_1cyKGUL_hpgGi58EHe-ZQXTpGV0SUYwVq5M2dIpjg5T_5VyiL0mlHwYY0WmoQESMoceFWkU9klsEjDVNg0e1l8fci7-w09oqlKr3vDavnxxTisxAw9TSbl75gu1AY5ALEiDoONiP3zbUPDW7p4aAbfNwdyk5UxiUgto9tPuhS8wK9ReIqXkHzmiPFg69YZByGF1MZFdlp9Kra1WsJltu8mPVzH6DhArSPXiBpxrup5wdRxJXOwvupeRzSpg4RgoVQt8nw46NxM6ziwApvbnmCSrbR62dgmZ0BMe6l4RTlBAth3i6D17B31l_jjrVwWAXk33NnV0mbH8gCBX7uyidVGYRTNufkdRuO7cKY6wpKISqobzi3lkzxydJp7hjuKzNyi0lEr20IwT-2Qr3glOX13_3PtuJo12A_3mqyvQyVZ8Zky4Vt0cPu8qJ0sdtjQk1f-f3xaGkcJWQm2WsajaR5bGLBOoaJ0DTYzAvlIWnt7A-j1uoKR4Q_vTGAmFQRsQgp-HDnc2qlqTMURUojID31HXhHSZ41ApAQvDCUAATbtCE3euOIAIRhjUfQ8R3dUvf7feJc_dnsF61A0_y0J5m6BCGohRpAxempoHuV5SJc4gNlDLk0kMOmDyuQDI09ZFDJA83MGHYOwehZOTCkY99hp_a8i8nwLzhQRShnZNG2ed2n6Ttu1UVoCj1cHvrQZKPnud7HoOyxzXmsrdJ63j8tdzJJApXJbbbXl1RZbz4fgP318ebun32arARhyJbsCKOrmOv5Wzyov6PclG_ns4U8LhcolG6wTG9d80ZCCb5TkxffHpz0vE5MyLyADvwC9I1QEEQGILrKFJbeZ_h7hznHZgj9Yy-bwZv0j7B0Tpl63tZ_CGUVUZbQ--t5mOWmrkuBiFYaQO4hkvvawDiiY2Q3eP0Zmyzg4VTpWEEpTH1l8b-_8NH6u6cqkH-p6SF04ijOkuuJcsCMk1aJNXT9pEUUQUa5P_EBQ9IXeoKox3VAo46zqbnS2vdhMa4c5slP7zhEr86Fz-5rTC9vGZ7EbCtthYikvGlwd_6tWtIn199g0z8MVevampv13FJueDM-FdrxzFCng3YEhOcRsvGIHcv76Yuql6XcYxzEu83tbRbFo22OfcsvN4H0n4wIsf9upUsnjuKRf8sxGPVOBUr58IdMxH7N3emlkvaKP9dbXfy2KWmZs12rmvJ89BAHRIF2CDiqxzvP8bdIjHV4KxZFHQZmdBaYLuOLPggKGpB0sobV7fxQIm_L_4WMhrO4eV4-TPLzNnuZyxMJL0kMV2X_obdq7GPMhzZJLBbVM5wiSGTMMD_RjbOtXVDIoPyrIEz_VZENlylXF-Y-spr5AwamgIsDkPc7lrbtQh3vAFgrK965vSuZITXQPSt_NGH6HPg&cid=CAASJORoG4qEGwZKmf3wFwjVoP2-BNybZIMLGEnVnKwwPiNKi7n4Ug&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5dcab82cafee4b90390d3cc71590cc2db89ded58fa50f5e81c77dda57bc639e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34820
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8917 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A619qP2GKg5tGMFD09WMukzAz-DPxLdA_Xao3Q7Y1hgC0zICZL8QmI0_n48R-u9vrPDoJWS6Py5zPCOnO8yLe_fwW9H_Ejms8TMao1zTHHyXf6ZoY
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 8917 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481225368&pubId=1&placementId=396820527&adsafe_par&bundleId=&dealId=&bidurl=https://salat.zahav.ru/
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.251.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-251-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
baf0b1f6135275d03c6a1ca7312ed3329de14b243b741bb7c4b232e62d0b12d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8917 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:41:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8917 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8917 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:14 GMT
l
www.google.com/ads/measurement/ Frame 8917 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTeE7GhXsN--DdbQEvzX4P7kt3Xx1TxMsAsxZKxhIRfibHJz7Hx1RYSER5xkIaR0-mR6cn75OA44exVYUyzgNNnV7BVfg
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/ Frame 5168 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03609c25a1b3a1840626aca9731cbe5ebcc690f8d03434735712a778604ad113
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
424951
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1647
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 14:57:30 GMT
expires
Wed, 19 Jul 2023 14:57:30 GMT
last-modified
Tue, 12 Jul 2022 13:38:08 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 9918 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CF084UULdYqvlF-mM7_UP398e-NCO72qex8_BhRDdq4PC8CIQASDRk8MqYJXikIKgB6AB7pik7QHIAQmpAgn0DGff-qk-4AIAqAMByANIqgToAU_QWCH_TUaVaW_g7ofNWTo_Ipz8Ok_JWjo2No4nKmu-d5VaMVacVGL36o8yENLWGY2emQ6not4DKdxD0eNhnlg0F66lfGpMgyiMJjrigkoVmuTkxVNBPUgICl6-zrj7xbSrOLSxNDCn15INdoAfU84wqrXYJsN6TTlQr0avSsZFns4FExTQRqXlvOqWGoe9ien_XN5QKRVwVkg29ynubkHN1Cnrx7JpTkMkqXeMAJhTX0tRcVoTzhZirkkmCYw97mRuDFhjuIj3zu_eUgNgTSzfWxLxPGFwbhFQJhjXr67Ppk_-D0jdE2PABKyyrIaiBOAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf65tuSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMGsIdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=V_6q8He8e7w&uach_m=[UACH]&template_id=419
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 9918 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8663
x-xss-protection
0
server
cafe
etag
1576890815193688712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:12 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A104 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNWsK8X576qL7_ojVAx0aKddQ7RXQMnYxIEqMuHjBI7chkERW0aXNN0etyzxN_CsfF5n2BsM2hm8_iY3tZFDOEDCXxr6yOq04Am-h2IBK6WTl8OFnpgyx4ypIB4If3-EOFHGkRFotFuTdBFvh_PCPcM3QMmEI-nzyijqfXzb5DYLz9ardWU
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8F72 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5vDupneCICnBQ3t-NOmW4lHlhCUurOYy6Lzc4g8HgEurhnBJZntWMva5uqrlqfHAkDywrtB2NEBxLOEkkvozi5xuI9w&cry=1&dbm_d=AKAmf-Ar66Qf2CbqtZtJ8Yw8OWMWYsx6xK8oFK64U4m0YtUwH7ZPP-nRx-8a1AQ2iJ7cAA2Pj0Ak2IY4i3DyusmxGyVCz4yQ1b4GTIbbib7xLJROESAA2BCcGAqxd3OLwtwddNgMAVN_yX7-bbh65bUVcJuUTvO-f_f4pyDdFj9A12vaK_jKtTzjtD0InwZNscNIgc_7wgo3dBfrP3xoEOvPlbQ9gI0m2jDPmyyhovxly6ZFqhwi_nWheQoRH4LILVsDALsZp-0B9YEVhk-RDkcI3j9pECCl_KtxxRHlR3MpdPrixdqiVG1iGervXIlwSJ0Z06GUSAiVpj6zNvjBT7mtvN40zIPzeboIcJ9NHwVF-kHysm8da71vg7QAAYZqzSG11z_-AbM7rlMjiFdgCNU5IttrnjwBq5-P9HjBp-qHMedrbO5l-VQvktSNS86Vuju9smTV3rPWBNAtaGS0c020xdfLbrge3Z-D-6yinttnmy7W3ZXiqpq_BN1g2GE_shSQYSJWB46_aoFo_GjRCFt1Ie7fvffPnhMuVlf8l0esyv-8MvCsP_bAShCUmjrQmD3NzO-dluTphW9bavvr-JWty6Lsqg9ma5TATyzNeK0LLgcN1PH6NTCLEFTzZZulkLkjkQAwKiSh5u8CeqpmBgD4PGor1phDwvLkrWz27V28Dlj-99LyukffoY7bSsdpxk9-E23MTLCo_ufCj7JgKY8LVz3FbZ8eWG3TT3ooPcJuTXGhnVKr8X1J5WDmhEJih8X--UjDSjDNXkJdtyC9d_urmUR8AUWLmcYnAzL3x83-U_szaktPctxqzh8CIlzp7sfkRDuAzh6OTtQB6R_Pn4c6Lc_Xg5vqQgMY9uIX0hIGm6PqNGXl8UJNeFL9ocrmH7nyr404bIqpyYPtdfhkbniksP8F5gdQKLdC9NiyHPn6DVIbEdLHH4EbbCZsGhQtV8WeDBrhmDWl7GL91oxAFm3phJcV8sILjmErZCldYqkdMc-WGxATVLqwU3NcHXENDZ29JXss66ZhagzRLjwKZIEUvg7Y1i5WwFCa2Nqet-qcMeC3Jv_Ebk66j5CdzBOAYE1P5niUa_VFvE2NXfMcINOcIcfioiudC5kXmUoulSP86TNbSlZibe0YenV-pfb2KSXREwpWADroea4eBDcnpf16aK5HV_2TUA4XO7in4URDEEjMNOIir7gI645RfYU38AirwmYM3YIQ3H_EI9TBGyBa7Tcr-N-lqWVm_k_1bJSwnYBruKpVjRHmcMwiJw2t1yryMxx2FvlPjK3lwGzHvjeLQEp2jMQLcL2ii8ypFJa8LU5ZK_lWXoO25VGT07O_ClRy3f-JFdPC9IGoCtw5klx-AiXkskHtdnzKBIyoC4bCGPeq3SrpGne-RpHmK-m6cuOq7dw46nsapfaetgPTH6sU8y0ClMIw5Q8dVfjKKsbxXmTmkr020B2f_qMzxtthsEt7SOzGngSbEGQLWizbXtHJofDj8EGfJwfCIxDtv50kH-8UxQWukXCVQxkM_-gzt9gUZImFggLe7UH_54c-IpL_a61AMpFZM3jk0mWRK7l8Sx3qemd_ngrQ2N4JR4TFO6vT5rKN5K-Mt_gG13hffBKyKpvFF7E63cbC9l7xH93yZ3aWaZ9YQsG-Uusn-hdKhlZCBmSjQVRNJgjViICLr-10oAkJIVM9666p6I-y11DNekK6ZagFyAVARshX9siqaf1umbPJxmDoE3pYAOMuYeEeavKYAfQs_TzVqtsaaK6vEX-mQNMEYeGSu8sMZI1ZURyVb5k5pt8HTbbDCmMhnnllhTNmv3zkzjZYmSm1Ao7XP_tw35E0HDfmolT9Muo6FKvjihiY5faH1Bgl_3CiQJI3luZKOtmfLHMVJNaD_XAGO7WU3xDwcJKYEvfSPqadNzbhxQ0apwK5YU6aHeEq1049rI-9bEpCHYe32bsoFjpjwHiaiKzdKa9KHqQfiosdbmzNMcM9ybpv_xA_llfi5KkEOLLaN_Y_BR7PpAhsbuaFpIWcp-WeiaG5gO_nnvoFRA8ZnIQs1g_RtoX6Jmch1Qu0yZvS0TcVI443zHxz008UlulHWTHjxO6-FUU-r5hU4nEvaHQY7Eq8pOv-ewXSMO9hxMseJI7HPfFRomU718ukdsjJLfDexgsXeQd5ykbaDey2v4kkYMP7EeGd7rXWTt-5h_5euWLk_q_Gr7k9voIyiYT8g9_95SfpOEyme976NcFi1zeeFDOWNiOEelZGxljE3aaRg6BR6rZ07z6Efv4U3UKdcxnzwiAokbgTqj3AcY_P2tqt87DQt8KirwUsRCH4X-rbJZE9CJCr4MC4uMcIxpTYYaqURsEjjKTfmZGQrNxh8SONGJks-WPMgAyeNdXkusNFqJXvIh1lQyu54hfF_7qx1zoZB4f1sWLd1cPaZypNfvjiFkrkUYH1OyHwk0DrfcQB47-SQKLerUZvFz9ZEdgVrh6waMjXxZ18q2-OorVtwBaOnIJZfprOyWiqTT-NY2lQWQjCLS_nkx-GqTa9WlYqMBpzTcURxmLUZ2J6NF6bctScPsbWoO0RlpwJo-HJV2itRSS30AftSHotkMXzs1be58Dgwy4Mm74i8Y3jTi22DBl_8xYn794B5qJHvK0kCtdCHhiHL5o_dYpqKUp8WmLRi65XTOUV4P0nd6rCzOx_bULW7a4gEIZXxPbzDfZ3EuREP7y2ocM1eof-ME62GpXnTHe9MvwzUCRFakk1CEqrXY5uQWDaZtolQvyJtRzHijHL8rQzZeXWXrzEP6p6dhUk-gzzCmSxb8jMpFk0s0b-ywq-9DujFHFgAI67Edt4yiViBVy-zQKSzqc5Tpg0HnrrYbr5EQdG3pt6tI3zM0tA4bbl1gSSFyOf4nWnkl5pXDidEicDtiQ_nHAmz3xlkoDOWAm6f4zfv8NbqYOgAthevfApY5k7iCbXjsYXpq46X627z7kWsaOZ5jzBbTjqiVhBCg-7d67RgMYQKXXBuhdPVLxK_Vohr9xppHGuJYhPQyq6MrufS8QM6pT1se0YbPE2yVvPLUvpyYOug4fawMhuiFP4W-n1a0hiTHAZiR5jCDcIhxOfz_grRnBwLvpDfBIob6eX7439-pnCqoBLWTq1UquP_a60P2UUJHlBjwnT4bGxIIV8Lg&cid=CAASJORooL20KWb-glEFRqQdmHAwrbw1EEgCjynaXW77Zq4S5Sb5cQ&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7747eaa3f8f28a5808289cb6c49765af4048e0660c1d26e6c93f4882718a334a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33523
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F72 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BDmhf9ebHJg-PfHysd8cO6SlKvqQLbb35c8xQc9poiJrAtHmZrTS06lE3OIJuYifimIpoiy9nRr03H62MJkzTtZ9NPqYh8MNj2RCV3t5a0rxprbVE
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8F72 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:41:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F72 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8F72 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:14 GMT
l
www.google.com/ads/measurement/ Frame 8F72 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgjqKZ1KCLBDPcIuO3yQTSQof_0gN8TiExbaHSO579h_3mj0AvKnIFgGX65AsW7pCPJzbP6j5fmF2KdNBGePYUzxWC8w
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame D6E2 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNVo3JHwVVBOvE0CGXpd8dFSHxymxJDU6ISH2ROoqepwToaRnH-rcQ1qgnXjH_tHh93gLg066FlXmGFp07q79YwVcCcuIAK_fFjBzZas-Ke4SYq7fSZDtRKDrokm4iWjHBGip3sL1TPdSLGp7KDL0E_uqPdrhL9BPitjcW7VD6ta-2lZ1Ic
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8A3C 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaoATeProV-2LunKYXrZJz04XaqkVF4rIF0heEeQyldOHq3IoAPu652T41Naebo7e_cILvnY2XhYlbjw1woP8lVS9j8A&cry=1&dbm_d=AKAmf-B_FdnIcXk6l6qipauI_T6g6t2He3y10eeaz-To4Q00sfKsrJAK2G4OSIRDPWw_FlqvIqTLwj87c9WBNMUUjRlE2BMEQ_W0LVVHQx_l74I3UOKw6rBb4Gomn5BW8Z-5TS4ozgEFZSssPp5-zESNcRXh-9wkDkcmtWtM5fRuXztd-dz2jK5-ZaTWOgZ9WTv9N_JJTXmGAYxOCFSxrPyciEaNk0EUZ5NJDfPPJiJy9jtAK3cUkFaRw07krNCuL_vrvz1RkxrGvxMduhBPGDG7hxGEUcpJJU-oINSO5_tlI_E1pzGGtEFSXMNwXxCsT4y6nje7j9KeLI5bc5-shpo4rBmkKDwyakGeIKtmS8_D3bGCSbQizHkSttkx3LIJIyIK_UUfdLIRAR7nUrIe3v7V_L-ADNrp0NXe5VniTUFnKIdfl1ZygQr-tTv1lCrlDKiRPpAvgr3hRVm0aZ-CmOX_tLdDSREkA9I5G7ySh5r0iCJ8Bf7BvDClWwnJ9BJLFVpe-3KErYLoDQ043b6NbxrG7xcmzmgdJsrXPDughccCogmTt9qifAOv5Hi2g9Zgo-xqlPJVpRFDdcEl3GBbceju6T295lUcuKCPVjklbUCGWpau064_SVZPKa5V6a24MpovjgNyhP-K_JZ2UQuQrGYzTk_CoKOdaOXJrg9Y2p2ll_13ofP3ApLtBOgSYBzdACdUw2TaQw4fQG0KbVBYpOzKEEAL2KlRbccHGkvoE22TMmlw0rQhpAWYd_vo3IevwZCIAe_23lmuNnpW74Xyq4F14x9WqGbQw7E9NDtPqUo-IzoQzt15htOVitwpEO0e3Rfrw1JxyUsnkdfHjUJuwbVkRs44j9pCnTCJ7iTyIHOkgAoqVeqhAQWsAbZ7CRUqistlnLlQPOWozkddkWdzvXY5F9LFvWxUdNSIFTSWxTuRLesS5hYqOLak5nJlKZgbR8YlgVzbLAS8m0_1FVn-1MwJOkU0fivNmdC98xpikp755tLtROHDI6KllhhdCvjJ9CCrL91vxha6qdEo9UAmt_ylb4PJstZMK0XnHFvcRI5oJjbwZUnERcLDrzqXUJM43MZUDF9magju2g4Vtyea66-aEhSa5bcpdaH9mSTJKrltlHiWCthbFkLqFKUd9ErXRjR_nXHYITKTBIccxRNGycM_qY6KRHDLn25-_NR5js-HvUL6DhuzbNM9rwmrsccPwpl-4tIT9dpg_iRuj3U9gM8WQUdyQ0bAY9LfaZfInsJEJ2zU9Zn4ck-k-TrdiTTVZAGBg5UiJ1M_cX2JAzUh18F7_2Fvr44H6o2vEcbXt94qVRF2obhTZDVjvA8XDB8XPIm15TKSvYP8WlV9kF2CTHYakT_3G-MT7AJrG5TN4u1UPHIAl-lRDHgTHvWD_7hATBjWrkYGD64XU2hKkZ-gt1WLElh8bvS4k60YcRiJnGyb3JQrfh20Atn1OMgwLBxdr2uixU98zftMwsYI2ImsmNKVu8eJNm2FEk6kwDs9zUWYh9qtB_uLrmN9wEyamuAK4W84Jz7sWpBV6gL7DWXf3vE7GpZWgQPRaLLcOGs4Mz1lyHDhSRM8lq40SnGc2xgpwKnCfSjaZETXOOkckuIBj-xuyueY5w9EMYmw9y7qu0YnNRbZebsTkW88a7efBzvQ1CrRlm3dGUXf4bCYQGx37idBFaLbUU-PPG2-aeWCxiGNjJOes4fXmUYmWdWgAP8UDHTT0BDBgrBTtzUSEkbqFGBqr7hHv9wipAXhH8DXdkkFxE0ZBTzk3ic3U1101llvPl8K4MggaZVhQvUlQP-LNx4fi3_U9EtCjtJZLZm3QXFRf-bgYyMxX8EkD5Nxkrw01JFCD1tkgGuGES1Y8lfUud-jiuNTeu-SnnNyrAtNsZngP1hxIJ4wIT3rnEW5frZhddJPHrFVAOkxs-SiVm6jdKGTPZzp0DVdZ0oTZ-NnOUeYxjLlwg-kqMtXvr-0IoNH3dv1Pi9JFD7PfnygT90eoXU9UBFSeoJBaq078QQk8wK3PnhtVQNSFLp58uq6guoWV5y_k1JEsvfnCGomUa7zyrDvPwLE_jvpyz9Dk3nNo-4C4-vox29B-7FPp2X-n_y0Fv-fRMkwo7d06t5LzwcrijDX8vRQa8d_qof8_EaZuNbXg7No1prDg55BMnnAFjgvfg_ojo1TnxXZivzWURP4mrhkDDCekKxYRs2Wgt41mRYswUoqwWcQs31K5Dt8JC8UFZkz03TT0RpFA1V79dp6p85_fft19bSgyxALQwhlbuuBAxLEie2XRCxMSp-kESut8sHWK14WhARq-S7sVxcOr2xHWs5zszMfrbvTuvi_Xitz3TUMdtZbfwmMkoGzmjK_HDjepD7bHY3qmW5EDqr71O5Qul54jMTSrAI4HmGWNnvnYy58UtqhX2mTIV8MNGoXKRvcr5DP1Bqz9jP4k8XHNKLK_HThA3ouSQG1ns5BnMsBFLwr3a8c4oq4hwZj7mfQ9XEg9H_Ajx7iIFGg9IS9DFCaBK7e9SvCxAobFvfYJFZ8Walm7Xv_xVQRK8WmV0QSrVMeeMVZjaEi8FGXmh7gbz6SNWCIo0MNhBJ0EuAwHvEzwExNQJHLYgqTagBvoPltT8l1pDlAYSCUDHXvjrisoIKfLssX6Y30pi5cbMYj6sWAH_g_Wd4yyjadHVZjcptOcKAEWDxTcRinQr7TKq-lt476kTxTM4iwUYrX7qnQeYtqOQRQIC8-JpbAY3pbxsXIOwyonM0PCN75teZx1A3TnPujV9Pl4zXn4Vw_Bi2ED31jOYR-HJ6QmiGWkUjK-FxhGGlzVXpFMjYwukqQet-xLb_PrfAPLubwl0PTGX1zvjD9024CHGUIzDILx9WjlvbDKYVWGDSKFizx7JKmZ_cEKeFvqcr82LO3J_bwlmf2h06luAcYLrd-n8ZO5a7yP4bpbZkTZiFhFAJE14CDjaKRsg4v7yFpYv3vApCkmnwpfjZaYu8lcueH8JchRH619z7jVNkS115pyJI8IHdQSxDCTvtm64XM2vJUosrIy5m6Ufez59vg0xY_CXwHFQOBHAJrrFdS0P1aVW4ycN1b0kob5GdRLZX9YEbuJxyuajJNDL8h_cgHx-q5bmYSI8DwYoYoCuHlycger_Hik9zH_xqZ2-iNalIouIq7VA&cid=CAASJORoXWL0DuPOn338YM_IX14nXRcSOhc7OZiA_Sy6Q1ATKU-PiA&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58e167733e4bd82786636e673a70d7e602f4fcf4841e3375fd1661cc0733e496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33445
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A3C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlleSUXS7ftgacFct1vcXzXr4YRPQyxz1lN8lTjtCT2r8LN62h2YaglYzSzdyM3oxw7G8TLemL01-wtv6YOO-Tp7Dj6pm5rp2NqnJcSu18x8RYqFw
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8A3C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:41:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1120
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:41:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A3C 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8A3C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:14 GMT
l
www.google.com/ads/measurement/ Frame 8A3C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2MD5368Oy3TQARn1lEWDS9PNiOWbBKt3IsmI2zt7rTtg7lLXmOWKbBM_n52p1n4gDNop7RSdxlGDFXG3_W0aJh0nsAQ
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame A104
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNWsK8X576qL7_ojVAx0aKddQ7RXQMnYxIEqMuHjBI7chkERW0aXNN0etyzxN_CsfF5n2BsM2hm8_iY3tZFDOEDCXxr6yOq04Am-h2IBK6WTl8OFnpgyx4ypIB4If3-EOFHGkRFotFuTdBFvh_PCPcM3QMmEI-nzyijqfXzb5DYLz9ardWU
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72fcd621e8099bec-FRA
pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZOEp5fnfWGtlZgzaMWWVb6INahVpgIwE3mnzP3MfURVgVMm7rElHpxaBgqYm1gmNlgiHtNulU4OEeIW7hJd138fOy6DnckYBzXGGYihTod5TZ4DqpUJQLVKDaJqzXY3yLIImGSB6I0kVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A104
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt1CUnMdlz7abwNNqDfBqAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNWsK8X576qL7_ojVAx0aKddQ7RXQMnYxIEqMuHjBI7chkERW0aXNN0etyzxN_CsfF5n2BsM2hm8_iY3tZFDOEDCXxr6yOq04Am-h2IBK6WTl8OFnpgyx4ypIB4If3-EOFHGkRFotFuTdBFvh_PCPcM3QMmEI-nzyijqfXzb5DYLz9ardWU
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72fcd6230a069bec-FRA
pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtTWtYh5ymcYiiLWUJMPQg3m4lCugLi7NcvSnxGKcBvdqF0KEtFqttjXwASOddjUO4FiiaoQc61eQ3vcYfDycrK%2BPRyEuFJXZgEpwlvop%2FSCRSZGi7NC4ymurlijIo2AdWvgsnxcjZOLOg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A104
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNWsK8X576qL7_ojVAx0aKddQ7RXQMnYxIEqMuHjBI7chkERW0aXNN0etyzxN_CsfF5n2BsM2hm8_iY3tZFDOEDCXxr6yOq04Am-h2IBK6WTl8OFnpgyx4ypIB4If3-EOFHGkRFotFuTdBFvh_PCPcM3QMmEI-nzyijqfXzb5DYLz9ardWU
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:02 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
24a8f4ef-5112-48c7-aa82-69ee2f76a0a0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A104
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNWsK8X576qL7_ojVAx0aKddQ7RXQMnYxIEqMuHjBI7chkERW0aXNN0etyzxN_CsfF5n2BsM2hm8_iY3tZFDOEDCXxr6yOq04Am-h2IBK6WTl8OFnpgyx4ypIB4If3-EOFHGkRFotFuTdBFvh_PCPcM3QMmEI-nzyijqfXzb5DYLz9ardWU
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:02 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
8f58da53-dbc6-4e8c-a2cd-7cca789b5466
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2748
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YicvQEwAQ&v=APEucNWJNFERvv9mF_D1Znz_lOPIDZ0Uer_OlQBoEkSyRExWBEcDycZIsG3JzxDpyzGmukV7PeZSC6bywD8InfFwJFqUoXIkwqzJ3brSlZRDwlUCaCxG_iLDHpmw4DfYzsIJRbDnkqDzJxS7lkK1jNqhFRno_WBKyLVJNEOCbyKFhdH0ibgqmWQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72fcd621e80d9bec-FRA
pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZZtSEQPOQHW8J4qe3p%2B9T29bCTMO1JDHqF7dwyEso7MO1VDeMTxdyW7CiBAmV%2BKc4G4CFttl%2F%2FsRf7OGjlXQKzSbXBvEU1j%2BKSYVt56ETOeRbueGLp3cpbct41c7UhstnsWDI%2BAdR1R4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2748
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt1CUnMdlz7abwNNqDfBqAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YicvQEwAQ&v=APEucNWJNFERvv9mF_D1Znz_lOPIDZ0Uer_OlQBoEkSyRExWBEcDycZIsG3JzxDpyzGmukV7PeZSC6bywD8InfFwJFqUoXIkwqzJ3brSlZRDwlUCaCxG_iLDHpmw4DfYzsIJRbDnkqDzJxS7lkK1jNqhFRno_WBKyLVJNEOCbyKFhdH0ibgqmWQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72fcd6230a009bec-FRA
pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVrFFLEChT8d%2B7WEh34w%2B9jDlWijudq5IEoY3VeEJP7m4wpHx4Ryzvfp1p6qNFUDWHEbbdnS60qsyZU2ohwX7qztK9Xk6ZzEmhON7LR0upUgIOapZy1Vh7w9tZQqiD%2B7xgEDEn6Bi%2BTC%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2748
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YicvQEwAQ&v=APEucNWJNFERvv9mF_D1Znz_lOPIDZ0Uer_OlQBoEkSyRExWBEcDycZIsG3JzxDpyzGmukV7PeZSC6bywD8InfFwJFqUoXIkwqzJ3brSlZRDwlUCaCxG_iLDHpmw4DfYzsIJRbDnkqDzJxS7lkK1jNqhFRno_WBKyLVJNEOCbyKFhdH0ibgqmWQ
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:02 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
3079f7c7-94c4-4455-914c-c89d0341cfd2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2748
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY1YicvQEwAQ&v=APEucNWJNFERvv9mF_D1Znz_lOPIDZ0Uer_OlQBoEkSyRExWBEcDycZIsG3JzxDpyzGmukV7PeZSC6bywD8InfFwJFqUoXIkwqzJ3brSlZRDwlUCaCxG_iLDHpmw4DfYzsIJRbDnkqDzJxS7lkK1jNqhFRno_WBKyLVJNEOCbyKFhdH0ibgqmWQ
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:02 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
c7f6fea7-69e9-4ed1-aad3-0f33672e554a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D2B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
43 B
903 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYr4CcvQEwAQ&v=APEucNVdJZ4l5K1GMI0qhzi2pOpronKkxmJQEEQqfA4HQphWaHKaAxf3qdOUDaDEJRxk17cxSZ3Q8PdkTbjsNo1IlNzAcQOsu3TRDg_D5KxpYEIdvxDBW4W4ClaEf4L-aw2kfi5s8uy8spm_nVRGppAxAsuM-aHq-ci3GSnn9lX5NMktJE5kLpQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72fcd621e80f9bec-FRA
pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx7EL7kshAGtuE9J9RyEfct138AxwzPG6kWHVBcPl0euH%2FXrBbMgiFf5JONGfbXifrdcb0%2B2kENy7uoSMrQ41S27beXQo07Om5rzPSfHfvpJFg3AZCYalTIgvkqwCFYN9i75pQL8JheLFw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D2B3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yt1CUnMdlz7abwNNqDfBqAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYr4CcvQEwAQ&v=APEucNVdJZ4l5K1GMI0qhzi2pOpronKkxmJQEEQqfA4HQphWaHKaAxf3qdOUDaDEJRxk17cxSZ3Q8PdkTbjsNo1IlNzAcQOsu3TRDg_D5KxpYEIdvxDBW4W4ClaEf4L-aw2kfi5s8uy8spm_nVRGppAxAsuM-aHq-ci3GSnn9lX5NMktJE5kLpQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72fcd6230a089bec-FRA
pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sk0eiH6URPdQejwAo56eXNNvJds6RaLJmk1SKfGajA4SD6G5dXflsq4Awk%2Fqxd9VOTxhjMHmiA65JHZFPazaSRQ1l10BVFUtqgxExFpNLu%2Fkehbq5toI4uFDZsv%2FQJexXNg0DQhdgzYVUA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELdnQ0TICBxHCs7pD4n0uwg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D2B3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYr4CcvQEwAQ&v=APEucNVdJZ4l5K1GMI0qhzi2pOpronKkxmJQEEQqfA4HQphWaHKaAxf3qdOUDaDEJRxk17cxSZ3Q8PdkTbjsNo1IlNzAcQOsu3TRDg_D5KxpYEIdvxDBW4W4ClaEf4L-aw2kfi5s8uy8spm_nVRGppAxAsuM-aHq-ci3GSnn9lX5NMktJE5kLpQ
Protocol
HTTP/1.1
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:02 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
283bb1a9-db87-475b-944c-6a5b360e53bd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMAXx29WqfnyZE-tKxiWJ_Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D2B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYr4CcvQEwAQ&v=APEucNVdJZ4l5K1GMI0qhzi2pOpronKkxmJQEEQqfA4HQphWaHKaAxf3qdOUDaDEJRxk17cxSZ3Q8PdkTbjsNo1IlNzAcQOsu3TRDg_D5KxpYEIdvxDBW4W4ClaEf4L-aw2kfi5s8uy8spm_nVRGppAxAsuM-aHq-ci3GSnn9lX5NMktJE5kLpQ
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:02 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
7f358bf3-6d2c-450a-b7a8-a4d0f94e7824
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjcwODczODI5NjIyODMyNzk0Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 82CB 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 12:10:49 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 9918 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:57:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9918 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:02 GMT
sd
us-u.openx.net/w/1.0/ Frame D6E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI8Z8F-owY_e8VhoC2Hwm5A&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI8Z8F-owY_e8VhoC2Hwm5A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNVo3JHwVVBOvE0CGXpd8dFSHxymxJDU6ISH2ROoqepwToaRnH-rcQ1qgnXjH_tHh93gLg066FlXmGFp07q79YwVcCcuIAK_fFjBzZas-Ke4SYq7fSZDtRKDrokm4iWjHBGip3sL1TPdSLGp7KDL0E_uqPdrhL9BPitjcW7VD6ta-2lZ1Ic
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEI8Z8F-owY_e8VhoC2Hwm5A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame D6E2 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNVo3JHwVVBOvE0CGXpd8dFSHxymxJDU6ISH2ROoqepwToaRnH-rcQ1qgnXjH_tHh93gLg066FlXmGFp07q79YwVcCcuIAK_fFjBzZas-Ke4SYq7fSZDtRKDrokm4iWjHBGip3sL1TPdSLGp7KDL0E_uqPdrhL9BPitjcW7VD6ta-2lZ1Ic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame D6E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEEDjvVNCRJjBRHENxsiOHt8&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEEDjvVNCRJjBRHENxsiOHt8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNVo3JHwVVBOvE0CGXpd8dFSHxymxJDU6ISH2ROoqepwToaRnH-rcQ1qgnXjH_tHh93gLg066FlXmGFp07q79YwVcCcuIAK_fFjBzZas-Ke4SYq7fSZDtRKDrokm4iWjHBGip3sL1TPdSLGp7KDL0E_uqPdrhL9BPitjcW7VD6ta-2lZ1Ic
Protocol
H2
Server
184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-1-49.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 24 Jul 2022 13:00:02 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEEDjvVNCRJjBRHENxsiOHt8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame D6E2 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQ3cu5ARjkzK3DATAB&v=APEucNVo3JHwVVBOvE0CGXpd8dFSHxymxJDU6ISH2ROoqepwToaRnH-rcQ1qgnXjH_tHh93gLg066FlXmGFp07q79YwVcCcuIAK_fFjBzZas-Ke4SYq7fSZDtRKDrokm4iWjHBGip3sL1TPdSLGp7KDL0E_uqPdrhL9BPitjcW7VD6ta-2lZ1Ic
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.1.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-1-49.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 24 Jul 2022 13:00:02 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=159337
accept-ranges
bytes
content-type
application/javascript
content-length
82748
expires
Tue, 26 Jul 2022 09:15:39 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e000cd23f80b9d053efb8bad2dc4a959b0a54e1cce90211acd5ed3f35e4dda7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
72fcd6211df89969-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5168 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 09:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 25 Jul 2022 09:41:38 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5168 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 16:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 24 Jul 2022 16:14:17 GMT
logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/ Frame 5168 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/logo.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed72b753b65a621eb94b290cd55834191051d53d9eaac856574a0d046bc85bc9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
321568
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7124
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 13:38:08 GMT
server
sffe
date
Wed, 20 Jul 2022 19:40:34 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 19:40:34 GMT
text-one.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/ Frame 5168 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/text-one.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a434aba1df5e9a117e0ea9db71da1e70901b10748b7545dd956935e2a7eaa9b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
376998
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5960
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 13:38:08 GMT
server
sffe
date
Wed, 20 Jul 2022 04:16:44 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 20 Jul 2023 04:16:44 GMT
text-two.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/ Frame 5168 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/text-two.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
024717640ad967a61f6cf5a91d9df5db441f64bc7f9e851f4049db08e73309bd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
541427
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8073
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 13:38:08 GMT
server
sffe
date
Mon, 18 Jul 2022 06:36:15 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Jul 2023 06:36:15 GMT
text-three.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/ Frame 5168 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/text-three.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edcf37f06edaa8bb1d803af6f0e43f5b145307004583d8f7fe32de8fcfa14754
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
290685
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4930
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 13:38:08 GMT
server
sffe
date
Thu, 21 Jul 2022 04:15:17 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 21 Jul 2023 04:15:17 GMT
background.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/ Frame 5168 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/assets/background.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15422582990587932682/160x600_EN/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
921d70b41eaaf85f299bc6e960a810a3d362e548cd4d82b2b63a0ec7f7937ddf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
500996
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63737
x-xss-protection
0
last-modified
Tue, 12 Jul 2022 13:38:08 GMT
server
sffe
date
Mon, 18 Jul 2022 17:50:06 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 18 Jul 2023 17:50:06 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 58CE 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Origin
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Jul 2022 12:28:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 58CE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_CKCrQDzfc1Z3KlOvdeGuYko6bOdTn4XC7F7ShUhHbxcGZcKqsgOaP9ELSvlfuuJvqF2GGO9m13RUzcKiDYN-GQv6JxWjfaTWA4UCWfqUkMvVBOjGvMVMfeJfN84bRIlhUyJG-eGc5K5w_9QAApsUtUOAHw&dbm_d=AKAmf-CsT6pXXCCHAm98j3EMC4Oan7MzZIwqIE6fVM6GhKUTw_vx8yn_6zU-8Msr_pgq1cK4FPXf3hTpwUSiICGjAQ8myTTAb9RoDZZyZqoJd1-GOzEWpDX2B18UUbYGmPKk8-z5g0HrcJY1L_mkvKsZhUdLG97hb0r37MGIJx5A6OI1dCfy4cRBMYzfJMWLOjzSCPlhXeEHPEyuQfam3NJAzKzKSusddxoEMQ05B9rUbdCBy3mkHAAvlvXqOSZG-YOfYnSS16vgomyq89sUkLpclzmmYjr1tBmQTHCa3-6HFk3vBNrsZSovejZri9vt_G7iJa9c3tY1Qr-Q5vkPnryHkdczT24FDReVYOM6EtPwy0702OCtP_64Ny-KPg6jcxSqWg0-P2C3uKHctVVpUBNY9Ra8fPXoR-8r4W_-_ARqCDDmmRYc5bw-UDy07Vz-5o2jsKmWBMBsZ5U4eN_IJTq72seznd11yCpOKPvnVASluvp0lDcBRRBCrkwF0s50ntLDSQ4kqYbaj__42yZJgKcS7r7Y8yPtmBG-KDWaV9JWOATXW6HcQ_xis0-eXbjuAo3bRBlppg5f7rCM6IMZFoeIvlCT9H9CanfW4I94BcOug_FH6Xskne9_gc_IE8P28ZgAO8OF4GUTz05ZqlYzHYku9TYm7qfXB2ul1cBZMk_iEW1_ZXjMDiHo53NVNyC9jlxHGInC5VOZaI3oScgUlzGIJ9BO4ARsLN2Gxhdum30AeEn74-7Mly35ESBsQ1Kd_Xs8vH34qW-Qt5g4jx6ONmMyGtANterRqZ-MJDlpfP0pMIoZ7yZU7DBjB2ThKiSG7VlBTEvv1nvIRxc4tgzsG9DReXEaE3hxtEG5ddzErL6_z_s9dEXEEOTcPOsKrEkZ2H9IxAr014yUzA6a3wmGLwXVnMdPDxMcEW_ABPat8fGNuHwCDIoizMykXDAGnegVV0jxN3RhSOqqMsnLQJVrTbMpziQ4C8PPwk1X1b5Kyn3oTLC6hShVi8gVxPZaRkgWG93Gg6AKZ2DJbJXa8WDIvcT_1Zzn14Kp7NtvINN8xVa7kvE3QnIPtBkIwNwDCjrJVg6kmCpK7SSn9um2KM2OGvyyNmshUQQONP91dRu8lDzGuNd0UdGprVgRz_NmEHYD8iFWCOBCckGoFzbIFJhF6Zw4IDrd2uKJhfG--LYN_F3zBTbdj4VqQD1EsBu3er75noJFICZ5UZFvduAIqq9J57WopV3aAsiGtBsKzu5oCC5aGXIloWPDo6bKE2hu4C2BDW7nXbvPrQP1MIY6CQDxLdDuc31oVoYH2ck3jU9N-WSAryADecifSHmi3REZChtYUqgQUAUfUePevdAVKyOsG3nHdFgiDCxGv3-gsqnw89-xgQWx3oYQEQrh8ivJ9lhwxGrUlNztK4vCtLPFoaPQU6aSO0Qne1LVsx4k0EKgPr-iTQoXeQwUL1UscUX2Mscgse48tY5TDFB4Z4hHBoQPreYwjsme2AGG0xnxagdtwkWhMEW8yBS6U5XfvQRG6toz06yOZ7BVNNLK3BXPBRx9hUDHKMfE0119Mf9hnbqQ6vXVly1dVCrLYCM9joFVnhPRJRMTGIaWqusoTgM5mE3r__r61StgQceuJF_fNvM0G1K2tanyCdPltxLLYiBJh7ZRlNN3YDA4UbQXTqDyFF4z0DglnnoC9td_FpDHdlLsJ9-kheWC6Ax-1Ic3PKFEPBRAg25BGxMGLrclZXMEDUq_3dg_qjln4YeaL7dJKNzPIzEKVp_jRXg0StlhwU-GSTvYYzbS2W4bGJYt6hUqKC218Cbff_Fa9Ot0rx8QokqHjmxdIswYJFVwFDeDW9VM0IYsthLlhoRem6QgvV2CwyR_7IJMKuPrCLQnZPR9c3M3TaOG_1ARaQu6GJQC-8SSg0s4bNq03VhMOR1vunYNCeRLpOiEvT6wGINQR5VTZnfVBu7dG5tVckWu1J1mQAu1whR_Ts8WOGUr-sr3zjIA1xnvqoBQl0rD2exGIOQO5SaqfkmxTaAXeEhGZbwOczvCls2DbOMvEoNLlbmDm1pYBszUi4R5n4hNXHblTMoSZ-qh3Ejxc87ge8yM5wE-1k6aJz4qeFOBQQ7koJbbOMebQ5UB_8RESP1lDebH0qqI4uCBTWuLiPQ-_DhhMQSMPHxbj6QvwfH9De2EXjgywZ35ZFXZggK0NUpOnEk2On6pwXm4xXGsGHYiAmF4d770ysBYa1yWgfOo0iUaAnqM_33THUW7vOVQd9DxgWHsicNyZTqYI4X3JtU7ryjIFQZ5M5z3mKt_Oyhykc80u47z7VSoe57SHa7FdmbwNpo7w_MZQTQINUO2ZoMAeZY_SCeigzTcWuQbmgtsttt5dXyi1wnFfNpkCJXQZLD5HXiIiItJh05EHpt82dyM8xtkgaeCnr1zkf0eBUCdjQIUaNMh1qvbaOHaiDtIRFkmQrUoUKtFsf0x9m6kB_bWvMv0VUxmFuVTkCodH3SsqLHSnRrHUYlu9K4M5bErNQsrnh-Od8WJam0Ssp5yhEP2WYqypT9aCHN4NQL6cBQgqBuPOsH5mfIMDugkaoJ7zbxIsbalmrjtqQtoxt-TCmzPDUAA0VEvCxEauqW38nrdNUukA7tJX22MT2VmvZWDHYd4gauzD9Hskv9yCkc5cotJ8pEhY_XryhzUvi5BXvK-LlwHn57shTIgwXbA58u5PObau1iiqL_EDte04jn_NzzzNx4Nq6UEqhGATU3vxpbEtQsZFpUDLRMRpLSO88Kd15BV0RYiZu8FsEn6-KzdK2FwlCK6vhDd0gUsC66MKVh94OnVbyFfdLvtZVZ6nTbNDsaSpH1wGlLoPQ5LvsnOMy0L9TayRvslCGp6_daDa7prXL3YoLCLPtCDv3BzLA5G0Qz-mT5iz_WSI87ht_4PUWAHFQgbtV9AnBBfLS6hYIpOJcF91Xi-RN6TziBAFu8Nw0645HLoD5-a4QuMe9wP4Ne1AD-XE9uQvFItIvLlX9xBh8-5LF5BX_tLfI_TYYI19MChfBIv8Eje6fEYIUunAbS5bWxV-4gSxVu0XjMqpWSAZPR0Ps9ttmY_d-1qwZESEUdHxTLuxRGeB1N2_m_Q_92uDwc1Xll0LWG2ZQoW0wZ02bu0RsFLVhiAAT5trooKFZOopDxvyf7q45O-9F84NTSmKr_cTh_8kRjADL-juPVNkVLN7Gq5txANG6K26N1Y_KxMMqHlZX90mLN-hML23g0n5shFNR7XeY316PyF5lviVgo2trZVEqkz6Rj47zMlAiRvAudvqewEJqv3G3mFaCVTOqk35wPmai9vxzPFJzoJXSANbbBCY1mYtx3cBCpuVUO2Ncd6XSXbK3xdfR-Z2P0DxP6LvdznXaheWHo46B7CsuT4Sv---XtNY3YJkv-hhhPV5rzaGnelE8GpW_XvTx6ePULZ3SKyw5tOcycE5m9qn9owLl7Pe5PtJqrJrSsDT5VMvbyhyWxFMOuZbH0-hU3-LWADscm6I031SRQiTvsnSwj9Je8Y&cid=CAASJORoUtEuIJr7LVukyQzI8ZbaTpmfN_CpKF1FYJ7UdjsttS5Yxw&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:58:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 58CE 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A_CKCrQDzfc1Z3KlOvdeGuYko6bOdTn4XC7F7ShUhHbxcGZcKqsgOaP9ELSvlfuuJvqF2GGO9m13RUzcKiDYN-GQv6JxWjfaTWA4UCWfqUkMvVBOjGvMVMfeJfN84bRIlhUyJG-eGc5K5w_9QAApsUtUOAHw&dbm_d=AKAmf-CsT6pXXCCHAm98j3EMC4Oan7MzZIwqIE6fVM6GhKUTw_vx8yn_6zU-8Msr_pgq1cK4FPXf3hTpwUSiICGjAQ8myTTAb9RoDZZyZqoJd1-GOzEWpDX2B18UUbYGmPKk8-z5g0HrcJY1L_mkvKsZhUdLG97hb0r37MGIJx5A6OI1dCfy4cRBMYzfJMWLOjzSCPlhXeEHPEyuQfam3NJAzKzKSusddxoEMQ05B9rUbdCBy3mkHAAvlvXqOSZG-YOfYnSS16vgomyq89sUkLpclzmmYjr1tBmQTHCa3-6HFk3vBNrsZSovejZri9vt_G7iJa9c3tY1Qr-Q5vkPnryHkdczT24FDReVYOM6EtPwy0702OCtP_64Ny-KPg6jcxSqWg0-P2C3uKHctVVpUBNY9Ra8fPXoR-8r4W_-_ARqCDDmmRYc5bw-UDy07Vz-5o2jsKmWBMBsZ5U4eN_IJTq72seznd11yCpOKPvnVASluvp0lDcBRRBCrkwF0s50ntLDSQ4kqYbaj__42yZJgKcS7r7Y8yPtmBG-KDWaV9JWOATXW6HcQ_xis0-eXbjuAo3bRBlppg5f7rCM6IMZFoeIvlCT9H9CanfW4I94BcOug_FH6Xskne9_gc_IE8P28ZgAO8OF4GUTz05ZqlYzHYku9TYm7qfXB2ul1cBZMk_iEW1_ZXjMDiHo53NVNyC9jlxHGInC5VOZaI3oScgUlzGIJ9BO4ARsLN2Gxhdum30AeEn74-7Mly35ESBsQ1Kd_Xs8vH34qW-Qt5g4jx6ONmMyGtANterRqZ-MJDlpfP0pMIoZ7yZU7DBjB2ThKiSG7VlBTEvv1nvIRxc4tgzsG9DReXEaE3hxtEG5ddzErL6_z_s9dEXEEOTcPOsKrEkZ2H9IxAr014yUzA6a3wmGLwXVnMdPDxMcEW_ABPat8fGNuHwCDIoizMykXDAGnegVV0jxN3RhSOqqMsnLQJVrTbMpziQ4C8PPwk1X1b5Kyn3oTLC6hShVi8gVxPZaRkgWG93Gg6AKZ2DJbJXa8WDIvcT_1Zzn14Kp7NtvINN8xVa7kvE3QnIPtBkIwNwDCjrJVg6kmCpK7SSn9um2KM2OGvyyNmshUQQONP91dRu8lDzGuNd0UdGprVgRz_NmEHYD8iFWCOBCckGoFzbIFJhF6Zw4IDrd2uKJhfG--LYN_F3zBTbdj4VqQD1EsBu3er75noJFICZ5UZFvduAIqq9J57WopV3aAsiGtBsKzu5oCC5aGXIloWPDo6bKE2hu4C2BDW7nXbvPrQP1MIY6CQDxLdDuc31oVoYH2ck3jU9N-WSAryADecifSHmi3REZChtYUqgQUAUfUePevdAVKyOsG3nHdFgiDCxGv3-gsqnw89-xgQWx3oYQEQrh8ivJ9lhwxGrUlNztK4vCtLPFoaPQU6aSO0Qne1LVsx4k0EKgPr-iTQoXeQwUL1UscUX2Mscgse48tY5TDFB4Z4hHBoQPreYwjsme2AGG0xnxagdtwkWhMEW8yBS6U5XfvQRG6toz06yOZ7BVNNLK3BXPBRx9hUDHKMfE0119Mf9hnbqQ6vXVly1dVCrLYCM9joFVnhPRJRMTGIaWqusoTgM5mE3r__r61StgQceuJF_fNvM0G1K2tanyCdPltxLLYiBJh7ZRlNN3YDA4UbQXTqDyFF4z0DglnnoC9td_FpDHdlLsJ9-kheWC6Ax-1Ic3PKFEPBRAg25BGxMGLrclZXMEDUq_3dg_qjln4YeaL7dJKNzPIzEKVp_jRXg0StlhwU-GSTvYYzbS2W4bGJYt6hUqKC218Cbff_Fa9Ot0rx8QokqHjmxdIswYJFVwFDeDW9VM0IYsthLlhoRem6QgvV2CwyR_7IJMKuPrCLQnZPR9c3M3TaOG_1ARaQu6GJQC-8SSg0s4bNq03VhMOR1vunYNCeRLpOiEvT6wGINQR5VTZnfVBu7dG5tVckWu1J1mQAu1whR_Ts8WOGUr-sr3zjIA1xnvqoBQl0rD2exGIOQO5SaqfkmxTaAXeEhGZbwOczvCls2DbOMvEoNLlbmDm1pYBszUi4R5n4hNXHblTMoSZ-qh3Ejxc87ge8yM5wE-1k6aJz4qeFOBQQ7koJbbOMebQ5UB_8RESP1lDebH0qqI4uCBTWuLiPQ-_DhhMQSMPHxbj6QvwfH9De2EXjgywZ35ZFXZggK0NUpOnEk2On6pwXm4xXGsGHYiAmF4d770ysBYa1yWgfOo0iUaAnqM_33THUW7vOVQd9DxgWHsicNyZTqYI4X3JtU7ryjIFQZ5M5z3mKt_Oyhykc80u47z7VSoe57SHa7FdmbwNpo7w_MZQTQINUO2ZoMAeZY_SCeigzTcWuQbmgtsttt5dXyi1wnFfNpkCJXQZLD5HXiIiItJh05EHpt82dyM8xtkgaeCnr1zkf0eBUCdjQIUaNMh1qvbaOHaiDtIRFkmQrUoUKtFsf0x9m6kB_bWvMv0VUxmFuVTkCodH3SsqLHSnRrHUYlu9K4M5bErNQsrnh-Od8WJam0Ssp5yhEP2WYqypT9aCHN4NQL6cBQgqBuPOsH5mfIMDugkaoJ7zbxIsbalmrjtqQtoxt-TCmzPDUAA0VEvCxEauqW38nrdNUukA7tJX22MT2VmvZWDHYd4gauzD9Hskv9yCkc5cotJ8pEhY_XryhzUvi5BXvK-LlwHn57shTIgwXbA58u5PObau1iiqL_EDte04jn_NzzzNx4Nq6UEqhGATU3vxpbEtQsZFpUDLRMRpLSO88Kd15BV0RYiZu8FsEn6-KzdK2FwlCK6vhDd0gUsC66MKVh94OnVbyFfdLvtZVZ6nTbNDsaSpH1wGlLoPQ5LvsnOMy0L9TayRvslCGp6_daDa7prXL3YoLCLPtCDv3BzLA5G0Qz-mT5iz_WSI87ht_4PUWAHFQgbtV9AnBBfLS6hYIpOJcF91Xi-RN6TziBAFu8Nw0645HLoD5-a4QuMe9wP4Ne1AD-XE9uQvFItIvLlX9xBh8-5LF5BX_tLfI_TYYI19MChfBIv8Eje6fEYIUunAbS5bWxV-4gSxVu0XjMqpWSAZPR0Ps9ttmY_d-1qwZESEUdHxTLuxRGeB1N2_m_Q_92uDwc1Xll0LWG2ZQoW0wZ02bu0RsFLVhiAAT5trooKFZOopDxvyf7q45O-9F84NTSmKr_cTh_8kRjADL-juPVNkVLN7Gq5txANG6K26N1Y_KxMMqHlZX90mLN-hML23g0n5shFNR7XeY316PyF5lviVgo2trZVEqkz6Rj47zMlAiRvAudvqewEJqv3G3mFaCVTOqk35wPmai9vxzPFJzoJXSANbbBCY1mYtx3cBCpuVUO2Ncd6XSXbK3xdfR-Z2P0DxP6LvdznXaheWHo46B7CsuT4Sv---XtNY3YJkv-hhhPV5rzaGnelE8GpW_XvTx6ePULZ3SKyw5tOcycE5m9qn9owLl7Pe5PtJqrJrSsDT5VMvbyhyWxFMOuZbH0-hU3-LWADscm6I031SRQiTvsnSwj9Je8Y&cid=CAASJORoUtEuIJr7LVukyQzI8ZbaTpmfN_CpKF1FYJ7UdjsttS5Yxw&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
server
cafe
etag
4815257668744283084
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:55:40 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8A3C 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Origin
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Jul 2022 12:28:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 8A3C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaoATeProV-2LunKYXrZJz04XaqkVF4rIF0heEeQyldOHq3IoAPu652T41Naebo7e_cILvnY2XhYlbjw1woP8lVS9j8A&cry=1&dbm_d=AKAmf-B_FdnIcXk6l6qipauI_T6g6t2He3y10eeaz-To4Q00sfKsrJAK2G4OSIRDPWw_FlqvIqTLwj87c9WBNMUUjRlE2BMEQ_W0LVVHQx_l74I3UOKw6rBb4Gomn5BW8Z-5TS4ozgEFZSssPp5-zESNcRXh-9wkDkcmtWtM5fRuXztd-dz2jK5-ZaTWOgZ9WTv9N_JJTXmGAYxOCFSxrPyciEaNk0EUZ5NJDfPPJiJy9jtAK3cUkFaRw07krNCuL_vrvz1RkxrGvxMduhBPGDG7hxGEUcpJJU-oINSO5_tlI_E1pzGGtEFSXMNwXxCsT4y6nje7j9KeLI5bc5-shpo4rBmkKDwyakGeIKtmS8_D3bGCSbQizHkSttkx3LIJIyIK_UUfdLIRAR7nUrIe3v7V_L-ADNrp0NXe5VniTUFnKIdfl1ZygQr-tTv1lCrlDKiRPpAvgr3hRVm0aZ-CmOX_tLdDSREkA9I5G7ySh5r0iCJ8Bf7BvDClWwnJ9BJLFVpe-3KErYLoDQ043b6NbxrG7xcmzmgdJsrXPDughccCogmTt9qifAOv5Hi2g9Zgo-xqlPJVpRFDdcEl3GBbceju6T295lUcuKCPVjklbUCGWpau064_SVZPKa5V6a24MpovjgNyhP-K_JZ2UQuQrGYzTk_CoKOdaOXJrg9Y2p2ll_13ofP3ApLtBOgSYBzdACdUw2TaQw4fQG0KbVBYpOzKEEAL2KlRbccHGkvoE22TMmlw0rQhpAWYd_vo3IevwZCIAe_23lmuNnpW74Xyq4F14x9WqGbQw7E9NDtPqUo-IzoQzt15htOVitwpEO0e3Rfrw1JxyUsnkdfHjUJuwbVkRs44j9pCnTCJ7iTyIHOkgAoqVeqhAQWsAbZ7CRUqistlnLlQPOWozkddkWdzvXY5F9LFvWxUdNSIFTSWxTuRLesS5hYqOLak5nJlKZgbR8YlgVzbLAS8m0_1FVn-1MwJOkU0fivNmdC98xpikp755tLtROHDI6KllhhdCvjJ9CCrL91vxha6qdEo9UAmt_ylb4PJstZMK0XnHFvcRI5oJjbwZUnERcLDrzqXUJM43MZUDF9magju2g4Vtyea66-aEhSa5bcpdaH9mSTJKrltlHiWCthbFkLqFKUd9ErXRjR_nXHYITKTBIccxRNGycM_qY6KRHDLn25-_NR5js-HvUL6DhuzbNM9rwmrsccPwpl-4tIT9dpg_iRuj3U9gM8WQUdyQ0bAY9LfaZfInsJEJ2zU9Zn4ck-k-TrdiTTVZAGBg5UiJ1M_cX2JAzUh18F7_2Fvr44H6o2vEcbXt94qVRF2obhTZDVjvA8XDB8XPIm15TKSvYP8WlV9kF2CTHYakT_3G-MT7AJrG5TN4u1UPHIAl-lRDHgTHvWD_7hATBjWrkYGD64XU2hKkZ-gt1WLElh8bvS4k60YcRiJnGyb3JQrfh20Atn1OMgwLBxdr2uixU98zftMwsYI2ImsmNKVu8eJNm2FEk6kwDs9zUWYh9qtB_uLrmN9wEyamuAK4W84Jz7sWpBV6gL7DWXf3vE7GpZWgQPRaLLcOGs4Mz1lyHDhSRM8lq40SnGc2xgpwKnCfSjaZETXOOkckuIBj-xuyueY5w9EMYmw9y7qu0YnNRbZebsTkW88a7efBzvQ1CrRlm3dGUXf4bCYQGx37idBFaLbUU-PPG2-aeWCxiGNjJOes4fXmUYmWdWgAP8UDHTT0BDBgrBTtzUSEkbqFGBqr7hHv9wipAXhH8DXdkkFxE0ZBTzk3ic3U1101llvPl8K4MggaZVhQvUlQP-LNx4fi3_U9EtCjtJZLZm3QXFRf-bgYyMxX8EkD5Nxkrw01JFCD1tkgGuGES1Y8lfUud-jiuNTeu-SnnNyrAtNsZngP1hxIJ4wIT3rnEW5frZhddJPHrFVAOkxs-SiVm6jdKGTPZzp0DVdZ0oTZ-NnOUeYxjLlwg-kqMtXvr-0IoNH3dv1Pi9JFD7PfnygT90eoXU9UBFSeoJBaq078QQk8wK3PnhtVQNSFLp58uq6guoWV5y_k1JEsvfnCGomUa7zyrDvPwLE_jvpyz9Dk3nNo-4C4-vox29B-7FPp2X-n_y0Fv-fRMkwo7d06t5LzwcrijDX8vRQa8d_qof8_EaZuNbXg7No1prDg55BMnnAFjgvfg_ojo1TnxXZivzWURP4mrhkDDCekKxYRs2Wgt41mRYswUoqwWcQs31K5Dt8JC8UFZkz03TT0RpFA1V79dp6p85_fft19bSgyxALQwhlbuuBAxLEie2XRCxMSp-kESut8sHWK14WhARq-S7sVxcOr2xHWs5zszMfrbvTuvi_Xitz3TUMdtZbfwmMkoGzmjK_HDjepD7bHY3qmW5EDqr71O5Qul54jMTSrAI4HmGWNnvnYy58UtqhX2mTIV8MNGoXKRvcr5DP1Bqz9jP4k8XHNKLK_HThA3ouSQG1ns5BnMsBFLwr3a8c4oq4hwZj7mfQ9XEg9H_Ajx7iIFGg9IS9DFCaBK7e9SvCxAobFvfYJFZ8Walm7Xv_xVQRK8WmV0QSrVMeeMVZjaEi8FGXmh7gbz6SNWCIo0MNhBJ0EuAwHvEzwExNQJHLYgqTagBvoPltT8l1pDlAYSCUDHXvjrisoIKfLssX6Y30pi5cbMYj6sWAH_g_Wd4yyjadHVZjcptOcKAEWDxTcRinQr7TKq-lt476kTxTM4iwUYrX7qnQeYtqOQRQIC8-JpbAY3pbxsXIOwyonM0PCN75teZx1A3TnPujV9Pl4zXn4Vw_Bi2ED31jOYR-HJ6QmiGWkUjK-FxhGGlzVXpFMjYwukqQet-xLb_PrfAPLubwl0PTGX1zvjD9024CHGUIzDILx9WjlvbDKYVWGDSKFizx7JKmZ_cEKeFvqcr82LO3J_bwlmf2h06luAcYLrd-n8ZO5a7yP4bpbZkTZiFhFAJE14CDjaKRsg4v7yFpYv3vApCkmnwpfjZaYu8lcueH8JchRH619z7jVNkS115pyJI8IHdQSxDCTvtm64XM2vJUosrIy5m6Ufez59vg0xY_CXwHFQOBHAJrrFdS0P1aVW4ycN1b0kob5GdRLZX9YEbuJxyuajJNDL8h_cgHx-q5bmYSI8DwYoYoCuHlycger_Hik9zH_xqZ2-iNalIouIq7VA&cid=CAASJORoXWL0DuPOn338YM_IX14nXRcSOhc7OZiA_Sy6Q1ATKU-PiA&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:58:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 8A3C 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaoATeProV-2LunKYXrZJz04XaqkVF4rIF0heEeQyldOHq3IoAPu652T41Naebo7e_cILvnY2XhYlbjw1woP8lVS9j8A&cry=1&dbm_d=AKAmf-B_FdnIcXk6l6qipauI_T6g6t2He3y10eeaz-To4Q00sfKsrJAK2G4OSIRDPWw_FlqvIqTLwj87c9WBNMUUjRlE2BMEQ_W0LVVHQx_l74I3UOKw6rBb4Gomn5BW8Z-5TS4ozgEFZSssPp5-zESNcRXh-9wkDkcmtWtM5fRuXztd-dz2jK5-ZaTWOgZ9WTv9N_JJTXmGAYxOCFSxrPyciEaNk0EUZ5NJDfPPJiJy9jtAK3cUkFaRw07krNCuL_vrvz1RkxrGvxMduhBPGDG7hxGEUcpJJU-oINSO5_tlI_E1pzGGtEFSXMNwXxCsT4y6nje7j9KeLI5bc5-shpo4rBmkKDwyakGeIKtmS8_D3bGCSbQizHkSttkx3LIJIyIK_UUfdLIRAR7nUrIe3v7V_L-ADNrp0NXe5VniTUFnKIdfl1ZygQr-tTv1lCrlDKiRPpAvgr3hRVm0aZ-CmOX_tLdDSREkA9I5G7ySh5r0iCJ8Bf7BvDClWwnJ9BJLFVpe-3KErYLoDQ043b6NbxrG7xcmzmgdJsrXPDughccCogmTt9qifAOv5Hi2g9Zgo-xqlPJVpRFDdcEl3GBbceju6T295lUcuKCPVjklbUCGWpau064_SVZPKa5V6a24MpovjgNyhP-K_JZ2UQuQrGYzTk_CoKOdaOXJrg9Y2p2ll_13ofP3ApLtBOgSYBzdACdUw2TaQw4fQG0KbVBYpOzKEEAL2KlRbccHGkvoE22TMmlw0rQhpAWYd_vo3IevwZCIAe_23lmuNnpW74Xyq4F14x9WqGbQw7E9NDtPqUo-IzoQzt15htOVitwpEO0e3Rfrw1JxyUsnkdfHjUJuwbVkRs44j9pCnTCJ7iTyIHOkgAoqVeqhAQWsAbZ7CRUqistlnLlQPOWozkddkWdzvXY5F9LFvWxUdNSIFTSWxTuRLesS5hYqOLak5nJlKZgbR8YlgVzbLAS8m0_1FVn-1MwJOkU0fivNmdC98xpikp755tLtROHDI6KllhhdCvjJ9CCrL91vxha6qdEo9UAmt_ylb4PJstZMK0XnHFvcRI5oJjbwZUnERcLDrzqXUJM43MZUDF9magju2g4Vtyea66-aEhSa5bcpdaH9mSTJKrltlHiWCthbFkLqFKUd9ErXRjR_nXHYITKTBIccxRNGycM_qY6KRHDLn25-_NR5js-HvUL6DhuzbNM9rwmrsccPwpl-4tIT9dpg_iRuj3U9gM8WQUdyQ0bAY9LfaZfInsJEJ2zU9Zn4ck-k-TrdiTTVZAGBg5UiJ1M_cX2JAzUh18F7_2Fvr44H6o2vEcbXt94qVRF2obhTZDVjvA8XDB8XPIm15TKSvYP8WlV9kF2CTHYakT_3G-MT7AJrG5TN4u1UPHIAl-lRDHgTHvWD_7hATBjWrkYGD64XU2hKkZ-gt1WLElh8bvS4k60YcRiJnGyb3JQrfh20Atn1OMgwLBxdr2uixU98zftMwsYI2ImsmNKVu8eJNm2FEk6kwDs9zUWYh9qtB_uLrmN9wEyamuAK4W84Jz7sWpBV6gL7DWXf3vE7GpZWgQPRaLLcOGs4Mz1lyHDhSRM8lq40SnGc2xgpwKnCfSjaZETXOOkckuIBj-xuyueY5w9EMYmw9y7qu0YnNRbZebsTkW88a7efBzvQ1CrRlm3dGUXf4bCYQGx37idBFaLbUU-PPG2-aeWCxiGNjJOes4fXmUYmWdWgAP8UDHTT0BDBgrBTtzUSEkbqFGBqr7hHv9wipAXhH8DXdkkFxE0ZBTzk3ic3U1101llvPl8K4MggaZVhQvUlQP-LNx4fi3_U9EtCjtJZLZm3QXFRf-bgYyMxX8EkD5Nxkrw01JFCD1tkgGuGES1Y8lfUud-jiuNTeu-SnnNyrAtNsZngP1hxIJ4wIT3rnEW5frZhddJPHrFVAOkxs-SiVm6jdKGTPZzp0DVdZ0oTZ-NnOUeYxjLlwg-kqMtXvr-0IoNH3dv1Pi9JFD7PfnygT90eoXU9UBFSeoJBaq078QQk8wK3PnhtVQNSFLp58uq6guoWV5y_k1JEsvfnCGomUa7zyrDvPwLE_jvpyz9Dk3nNo-4C4-vox29B-7FPp2X-n_y0Fv-fRMkwo7d06t5LzwcrijDX8vRQa8d_qof8_EaZuNbXg7No1prDg55BMnnAFjgvfg_ojo1TnxXZivzWURP4mrhkDDCekKxYRs2Wgt41mRYswUoqwWcQs31K5Dt8JC8UFZkz03TT0RpFA1V79dp6p85_fft19bSgyxALQwhlbuuBAxLEie2XRCxMSp-kESut8sHWK14WhARq-S7sVxcOr2xHWs5zszMfrbvTuvi_Xitz3TUMdtZbfwmMkoGzmjK_HDjepD7bHY3qmW5EDqr71O5Qul54jMTSrAI4HmGWNnvnYy58UtqhX2mTIV8MNGoXKRvcr5DP1Bqz9jP4k8XHNKLK_HThA3ouSQG1ns5BnMsBFLwr3a8c4oq4hwZj7mfQ9XEg9H_Ajx7iIFGg9IS9DFCaBK7e9SvCxAobFvfYJFZ8Walm7Xv_xVQRK8WmV0QSrVMeeMVZjaEi8FGXmh7gbz6SNWCIo0MNhBJ0EuAwHvEzwExNQJHLYgqTagBvoPltT8l1pDlAYSCUDHXvjrisoIKfLssX6Y30pi5cbMYj6sWAH_g_Wd4yyjadHVZjcptOcKAEWDxTcRinQr7TKq-lt476kTxTM4iwUYrX7qnQeYtqOQRQIC8-JpbAY3pbxsXIOwyonM0PCN75teZx1A3TnPujV9Pl4zXn4Vw_Bi2ED31jOYR-HJ6QmiGWkUjK-FxhGGlzVXpFMjYwukqQet-xLb_PrfAPLubwl0PTGX1zvjD9024CHGUIzDILx9WjlvbDKYVWGDSKFizx7JKmZ_cEKeFvqcr82LO3J_bwlmf2h06luAcYLrd-n8ZO5a7yP4bpbZkTZiFhFAJE14CDjaKRsg4v7yFpYv3vApCkmnwpfjZaYu8lcueH8JchRH619z7jVNkS115pyJI8IHdQSxDCTvtm64XM2vJUosrIy5m6Ufez59vg0xY_CXwHFQOBHAJrrFdS0P1aVW4ycN1b0kob5GdRLZX9YEbuJxyuajJNDL8h_cgHx-q5bmYSI8DwYoYoCuHlycger_Hik9zH_xqZ2-iNalIouIq7VA&cid=CAASJORoXWL0DuPOn338YM_IX14nXRcSOhc7OZiA_Sy6Q1ATKU-PiA&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
server
cafe
etag
4815257668744283084
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:55:40 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8F72 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Origin
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Jul 2022 12:28:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 8F72 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5vDupneCICnBQ3t-NOmW4lHlhCUurOYy6Lzc4g8HgEurhnBJZntWMva5uqrlqfHAkDywrtB2NEBxLOEkkvozi5xuI9w&cry=1&dbm_d=AKAmf-Ar66Qf2CbqtZtJ8Yw8OWMWYsx6xK8oFK64U4m0YtUwH7ZPP-nRx-8a1AQ2iJ7cAA2Pj0Ak2IY4i3DyusmxGyVCz4yQ1b4GTIbbib7xLJROESAA2BCcGAqxd3OLwtwddNgMAVN_yX7-bbh65bUVcJuUTvO-f_f4pyDdFj9A12vaK_jKtTzjtD0InwZNscNIgc_7wgo3dBfrP3xoEOvPlbQ9gI0m2jDPmyyhovxly6ZFqhwi_nWheQoRH4LILVsDALsZp-0B9YEVhk-RDkcI3j9pECCl_KtxxRHlR3MpdPrixdqiVG1iGervXIlwSJ0Z06GUSAiVpj6zNvjBT7mtvN40zIPzeboIcJ9NHwVF-kHysm8da71vg7QAAYZqzSG11z_-AbM7rlMjiFdgCNU5IttrnjwBq5-P9HjBp-qHMedrbO5l-VQvktSNS86Vuju9smTV3rPWBNAtaGS0c020xdfLbrge3Z-D-6yinttnmy7W3ZXiqpq_BN1g2GE_shSQYSJWB46_aoFo_GjRCFt1Ie7fvffPnhMuVlf8l0esyv-8MvCsP_bAShCUmjrQmD3NzO-dluTphW9bavvr-JWty6Lsqg9ma5TATyzNeK0LLgcN1PH6NTCLEFTzZZulkLkjkQAwKiSh5u8CeqpmBgD4PGor1phDwvLkrWz27V28Dlj-99LyukffoY7bSsdpxk9-E23MTLCo_ufCj7JgKY8LVz3FbZ8eWG3TT3ooPcJuTXGhnVKr8X1J5WDmhEJih8X--UjDSjDNXkJdtyC9d_urmUR8AUWLmcYnAzL3x83-U_szaktPctxqzh8CIlzp7sfkRDuAzh6OTtQB6R_Pn4c6Lc_Xg5vqQgMY9uIX0hIGm6PqNGXl8UJNeFL9ocrmH7nyr404bIqpyYPtdfhkbniksP8F5gdQKLdC9NiyHPn6DVIbEdLHH4EbbCZsGhQtV8WeDBrhmDWl7GL91oxAFm3phJcV8sILjmErZCldYqkdMc-WGxATVLqwU3NcHXENDZ29JXss66ZhagzRLjwKZIEUvg7Y1i5WwFCa2Nqet-qcMeC3Jv_Ebk66j5CdzBOAYE1P5niUa_VFvE2NXfMcINOcIcfioiudC5kXmUoulSP86TNbSlZibe0YenV-pfb2KSXREwpWADroea4eBDcnpf16aK5HV_2TUA4XO7in4URDEEjMNOIir7gI645RfYU38AirwmYM3YIQ3H_EI9TBGyBa7Tcr-N-lqWVm_k_1bJSwnYBruKpVjRHmcMwiJw2t1yryMxx2FvlPjK3lwGzHvjeLQEp2jMQLcL2ii8ypFJa8LU5ZK_lWXoO25VGT07O_ClRy3f-JFdPC9IGoCtw5klx-AiXkskHtdnzKBIyoC4bCGPeq3SrpGne-RpHmK-m6cuOq7dw46nsapfaetgPTH6sU8y0ClMIw5Q8dVfjKKsbxXmTmkr020B2f_qMzxtthsEt7SOzGngSbEGQLWizbXtHJofDj8EGfJwfCIxDtv50kH-8UxQWukXCVQxkM_-gzt9gUZImFggLe7UH_54c-IpL_a61AMpFZM3jk0mWRK7l8Sx3qemd_ngrQ2N4JR4TFO6vT5rKN5K-Mt_gG13hffBKyKpvFF7E63cbC9l7xH93yZ3aWaZ9YQsG-Uusn-hdKhlZCBmSjQVRNJgjViICLr-10oAkJIVM9666p6I-y11DNekK6ZagFyAVARshX9siqaf1umbPJxmDoE3pYAOMuYeEeavKYAfQs_TzVqtsaaK6vEX-mQNMEYeGSu8sMZI1ZURyVb5k5pt8HTbbDCmMhnnllhTNmv3zkzjZYmSm1Ao7XP_tw35E0HDfmolT9Muo6FKvjihiY5faH1Bgl_3CiQJI3luZKOtmfLHMVJNaD_XAGO7WU3xDwcJKYEvfSPqadNzbhxQ0apwK5YU6aHeEq1049rI-9bEpCHYe32bsoFjpjwHiaiKzdKa9KHqQfiosdbmzNMcM9ybpv_xA_llfi5KkEOLLaN_Y_BR7PpAhsbuaFpIWcp-WeiaG5gO_nnvoFRA8ZnIQs1g_RtoX6Jmch1Qu0yZvS0TcVI443zHxz008UlulHWTHjxO6-FUU-r5hU4nEvaHQY7Eq8pOv-ewXSMO9hxMseJI7HPfFRomU718ukdsjJLfDexgsXeQd5ykbaDey2v4kkYMP7EeGd7rXWTt-5h_5euWLk_q_Gr7k9voIyiYT8g9_95SfpOEyme976NcFi1zeeFDOWNiOEelZGxljE3aaRg6BR6rZ07z6Efv4U3UKdcxnzwiAokbgTqj3AcY_P2tqt87DQt8KirwUsRCH4X-rbJZE9CJCr4MC4uMcIxpTYYaqURsEjjKTfmZGQrNxh8SONGJks-WPMgAyeNdXkusNFqJXvIh1lQyu54hfF_7qx1zoZB4f1sWLd1cPaZypNfvjiFkrkUYH1OyHwk0DrfcQB47-SQKLerUZvFz9ZEdgVrh6waMjXxZ18q2-OorVtwBaOnIJZfprOyWiqTT-NY2lQWQjCLS_nkx-GqTa9WlYqMBpzTcURxmLUZ2J6NF6bctScPsbWoO0RlpwJo-HJV2itRSS30AftSHotkMXzs1be58Dgwy4Mm74i8Y3jTi22DBl_8xYn794B5qJHvK0kCtdCHhiHL5o_dYpqKUp8WmLRi65XTOUV4P0nd6rCzOx_bULW7a4gEIZXxPbzDfZ3EuREP7y2ocM1eof-ME62GpXnTHe9MvwzUCRFakk1CEqrXY5uQWDaZtolQvyJtRzHijHL8rQzZeXWXrzEP6p6dhUk-gzzCmSxb8jMpFk0s0b-ywq-9DujFHFgAI67Edt4yiViBVy-zQKSzqc5Tpg0HnrrYbr5EQdG3pt6tI3zM0tA4bbl1gSSFyOf4nWnkl5pXDidEicDtiQ_nHAmz3xlkoDOWAm6f4zfv8NbqYOgAthevfApY5k7iCbXjsYXpq46X627z7kWsaOZ5jzBbTjqiVhBCg-7d67RgMYQKXXBuhdPVLxK_Vohr9xppHGuJYhPQyq6MrufS8QM6pT1se0YbPE2yVvPLUvpyYOug4fawMhuiFP4W-n1a0hiTHAZiR5jCDcIhxOfz_grRnBwLvpDfBIob6eX7439-pnCqoBLWTq1UquP_a60P2UUJHlBjwnT4bGxIIV8Lg&cid=CAASJORooL20KWb-glEFRqQdmHAwrbw1EEgCjynaXW77Zq4S5Sb5cQ&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:58:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 8F72 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C5vDupneCICnBQ3t-NOmW4lHlhCUurOYy6Lzc4g8HgEurhnBJZntWMva5uqrlqfHAkDywrtB2NEBxLOEkkvozi5xuI9w&cry=1&dbm_d=AKAmf-Ar66Qf2CbqtZtJ8Yw8OWMWYsx6xK8oFK64U4m0YtUwH7ZPP-nRx-8a1AQ2iJ7cAA2Pj0Ak2IY4i3DyusmxGyVCz4yQ1b4GTIbbib7xLJROESAA2BCcGAqxd3OLwtwddNgMAVN_yX7-bbh65bUVcJuUTvO-f_f4pyDdFj9A12vaK_jKtTzjtD0InwZNscNIgc_7wgo3dBfrP3xoEOvPlbQ9gI0m2jDPmyyhovxly6ZFqhwi_nWheQoRH4LILVsDALsZp-0B9YEVhk-RDkcI3j9pECCl_KtxxRHlR3MpdPrixdqiVG1iGervXIlwSJ0Z06GUSAiVpj6zNvjBT7mtvN40zIPzeboIcJ9NHwVF-kHysm8da71vg7QAAYZqzSG11z_-AbM7rlMjiFdgCNU5IttrnjwBq5-P9HjBp-qHMedrbO5l-VQvktSNS86Vuju9smTV3rPWBNAtaGS0c020xdfLbrge3Z-D-6yinttnmy7W3ZXiqpq_BN1g2GE_shSQYSJWB46_aoFo_GjRCFt1Ie7fvffPnhMuVlf8l0esyv-8MvCsP_bAShCUmjrQmD3NzO-dluTphW9bavvr-JWty6Lsqg9ma5TATyzNeK0LLgcN1PH6NTCLEFTzZZulkLkjkQAwKiSh5u8CeqpmBgD4PGor1phDwvLkrWz27V28Dlj-99LyukffoY7bSsdpxk9-E23MTLCo_ufCj7JgKY8LVz3FbZ8eWG3TT3ooPcJuTXGhnVKr8X1J5WDmhEJih8X--UjDSjDNXkJdtyC9d_urmUR8AUWLmcYnAzL3x83-U_szaktPctxqzh8CIlzp7sfkRDuAzh6OTtQB6R_Pn4c6Lc_Xg5vqQgMY9uIX0hIGm6PqNGXl8UJNeFL9ocrmH7nyr404bIqpyYPtdfhkbniksP8F5gdQKLdC9NiyHPn6DVIbEdLHH4EbbCZsGhQtV8WeDBrhmDWl7GL91oxAFm3phJcV8sILjmErZCldYqkdMc-WGxATVLqwU3NcHXENDZ29JXss66ZhagzRLjwKZIEUvg7Y1i5WwFCa2Nqet-qcMeC3Jv_Ebk66j5CdzBOAYE1P5niUa_VFvE2NXfMcINOcIcfioiudC5kXmUoulSP86TNbSlZibe0YenV-pfb2KSXREwpWADroea4eBDcnpf16aK5HV_2TUA4XO7in4URDEEjMNOIir7gI645RfYU38AirwmYM3YIQ3H_EI9TBGyBa7Tcr-N-lqWVm_k_1bJSwnYBruKpVjRHmcMwiJw2t1yryMxx2FvlPjK3lwGzHvjeLQEp2jMQLcL2ii8ypFJa8LU5ZK_lWXoO25VGT07O_ClRy3f-JFdPC9IGoCtw5klx-AiXkskHtdnzKBIyoC4bCGPeq3SrpGne-RpHmK-m6cuOq7dw46nsapfaetgPTH6sU8y0ClMIw5Q8dVfjKKsbxXmTmkr020B2f_qMzxtthsEt7SOzGngSbEGQLWizbXtHJofDj8EGfJwfCIxDtv50kH-8UxQWukXCVQxkM_-gzt9gUZImFggLe7UH_54c-IpL_a61AMpFZM3jk0mWRK7l8Sx3qemd_ngrQ2N4JR4TFO6vT5rKN5K-Mt_gG13hffBKyKpvFF7E63cbC9l7xH93yZ3aWaZ9YQsG-Uusn-hdKhlZCBmSjQVRNJgjViICLr-10oAkJIVM9666p6I-y11DNekK6ZagFyAVARshX9siqaf1umbPJxmDoE3pYAOMuYeEeavKYAfQs_TzVqtsaaK6vEX-mQNMEYeGSu8sMZI1ZURyVb5k5pt8HTbbDCmMhnnllhTNmv3zkzjZYmSm1Ao7XP_tw35E0HDfmolT9Muo6FKvjihiY5faH1Bgl_3CiQJI3luZKOtmfLHMVJNaD_XAGO7WU3xDwcJKYEvfSPqadNzbhxQ0apwK5YU6aHeEq1049rI-9bEpCHYe32bsoFjpjwHiaiKzdKa9KHqQfiosdbmzNMcM9ybpv_xA_llfi5KkEOLLaN_Y_BR7PpAhsbuaFpIWcp-WeiaG5gO_nnvoFRA8ZnIQs1g_RtoX6Jmch1Qu0yZvS0TcVI443zHxz008UlulHWTHjxO6-FUU-r5hU4nEvaHQY7Eq8pOv-ewXSMO9hxMseJI7HPfFRomU718ukdsjJLfDexgsXeQd5ykbaDey2v4kkYMP7EeGd7rXWTt-5h_5euWLk_q_Gr7k9voIyiYT8g9_95SfpOEyme976NcFi1zeeFDOWNiOEelZGxljE3aaRg6BR6rZ07z6Efv4U3UKdcxnzwiAokbgTqj3AcY_P2tqt87DQt8KirwUsRCH4X-rbJZE9CJCr4MC4uMcIxpTYYaqURsEjjKTfmZGQrNxh8SONGJks-WPMgAyeNdXkusNFqJXvIh1lQyu54hfF_7qx1zoZB4f1sWLd1cPaZypNfvjiFkrkUYH1OyHwk0DrfcQB47-SQKLerUZvFz9ZEdgVrh6waMjXxZ18q2-OorVtwBaOnIJZfprOyWiqTT-NY2lQWQjCLS_nkx-GqTa9WlYqMBpzTcURxmLUZ2J6NF6bctScPsbWoO0RlpwJo-HJV2itRSS30AftSHotkMXzs1be58Dgwy4Mm74i8Y3jTi22DBl_8xYn794B5qJHvK0kCtdCHhiHL5o_dYpqKUp8WmLRi65XTOUV4P0nd6rCzOx_bULW7a4gEIZXxPbzDfZ3EuREP7y2ocM1eof-ME62GpXnTHe9MvwzUCRFakk1CEqrXY5uQWDaZtolQvyJtRzHijHL8rQzZeXWXrzEP6p6dhUk-gzzCmSxb8jMpFk0s0b-ywq-9DujFHFgAI67Edt4yiViBVy-zQKSzqc5Tpg0HnrrYbr5EQdG3pt6tI3zM0tA4bbl1gSSFyOf4nWnkl5pXDidEicDtiQ_nHAmz3xlkoDOWAm6f4zfv8NbqYOgAthevfApY5k7iCbXjsYXpq46X627z7kWsaOZ5jzBbTjqiVhBCg-7d67RgMYQKXXBuhdPVLxK_Vohr9xppHGuJYhPQyq6MrufS8QM6pT1se0YbPE2yVvPLUvpyYOug4fawMhuiFP4W-n1a0hiTHAZiR5jCDcIhxOfz_grRnBwLvpDfBIob6eX7439-pnCqoBLWTq1UquP_a60P2UUJHlBjwnT4bGxIIV8Lg&cid=CAASJORooL20KWb-glEFRqQdmHAwrbw1EEgCjynaXW77Zq4S5Sb5cQ&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
server
cafe
etag
4815257668744283084
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:55:40 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 9918 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:14 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8917 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Origin
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:28:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Jul 2022 12:28:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/ Frame 8917 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANGl0DmY3zuQMsGUKWJifej-zhqlN6vOSnXN7RLbEVqgWotb-2eneyGRXpEnJY8NtRAAJqxIoIFbOuU9J2LrerBhyIxDrF6c_E7_Ch3fCnxEtPYdiiWAanxGsuTCtGaCOImDbNflQ2rE2pQchtUE7tAzxKmg&dbm_d=AKAmf-BogxxTSOHhDPnN_sYj8cuSlIsv34mZK7BC_EQX5fHeGti71WTdfKVkK9sLfZUaLL2XZBs6YcwNqz1Xli6aZmzvF0_-g-dF5N00OJaP1mnzntpVLS1_Nbj6pgyd9qwTko7KaXdFO1zcRtJNqO0tNikeiZCXVFHVkkXqHx0w4H29HNRAie4i9rjBG7ecFXUaZtmFqRnAKYyZ5dZwkMtlTrr3Iq9xYoJWz3wzPvh0z7nz_rp91ZUZOz1BGs85eeKYiOpNzmBUWfObYMa__pYXK5dGrqF-FqJPUhhq1YKVjQoP3WR44Pw1qsi1zibEHKP6VCVmN23S8pDcaMgKOm8yvpHIm7D3Vd8eN81fz9h2ZGL3g_rpg_tkNLv2Kg0njd31pA6qBXx3kU1dHm6K0XNEI9M4CXMGp6taKL-kVlexDGO1sHBoie7srzPeL8nzNxOCApjkp6lt5Z4E3QFBF-9IfHfvXvCWojGcw4kDFg53VFbBSTuZ2shcyQ3GL3zToTSkbg6IazrbtIWTl6J5IQeb8fGEIrG8aHg1Q59NJPzUT2ipd_AVgGx00bxkBGeslTRSc8tdB4phMLe0pYcG5_5l2Kq0SBN5THHCeWag5AtuRYf-VNrrh0c5Kor25Y6qPCaWhoHVucKS_OVlvddwYVE-jCKRnWWekzbyn1fIbR35WFiqOAkbsh9BWyF1ZgHQfZrUUb1c5F4Xwv3FbtVdyVzl_-z3HR84AeN2A6j181VXw_6jpVaDdGgff-t9ACfqCh23BOu1Rr29T8ZlgrWc4PidS9tbk728MLL3OhlH6WvZAxZoKu6v2utXbrty-y3oxA1oA4iQyIGZ5yyq_JaipCXViY3ITNMkZUrwsjRTZJ1ktmjXS72lpdMpAFVblSFVZc8gjdnKjg0diVAy5gfRcz06Y5UwXsIHz9pGJ5107h3BZwH-tvlpDaU2iRsBFIRcoLtVajCmFiB85MPjdVynTUSEkvkgRtxyIuZ-muGCdCSF2LJikpSigfUQ_gh001cKjmqYlXzBeOSaZL8aouMW1p3ppNYCc0M9-k3W2Ci61sdG_okMXs7dGT6Rhg1U8uGFJNCHEfCqKUAvqw1s8RQXR6BOffQjJh4EveTxqY809OQWk8ZvYBOlQUngCy_25rg5sYYAgtu-FjGcKvpV4Bf4D6VPTkX0ui0T-LnmG4AqKs6GYzcI5XSBpcWc40l4oNaxBiqc2BQ-0r1YqoV40-Kd-L9UTW_kr3BuCqO_rHzVIfnmJYrGfpJhNlWZL_MhRUApXusvOVyQgzRuxuaZ5jH-lr-KPW7S6AFl2NhhZDh2YRNpJEvD-eKT0LtpDHd6t6cAHIOUGHBGvG2O8inYuKRJKZhwBzaxQ-pqSmGFhihK3wpfEqANcONXFCac95Tga0pA7uxzPDLU_RGI9_zLIa1A-OCBeheE7rOr-heIpvhe97bOJ-i-5mMR4bMdEokKJuodyLCrxRj7Ba4MVKyGMWcrXtaRzNHbrKrgrqMs2uHIXeYv8KT-y0PRpHuJn6hCEqCKoDaBUsWDwvRCUCp4iA9WEiX1JLubL0kNaI42Hz4fHJVRdQW2msYIeZeEn36b7yLMqgfyrgj_Grr1B-2UV5e5Tmt1GzSbsuvyHf_k_zwkVbCWM98i9IqjtXguBqgg2C-ccCPjKo5u6HYs7_88C66UfK1QNeXaGJScoskO12nBP1xK_oJkauBtJ2hTtWB00ZQyBU_fJTCzNgOGMY2gEN70S0hH07xOcWk7waZ2LLWWyHTAAARRyVx0u6MXg80DMrSwJW9kQMj5Z9iGRF-KSzn8dbWRj2i2IGfu_15zmoEFzpdrjBjzYCJy2OBHEmv8BbLpBRPtqCqIoasbyxQ-9mFogp2FLkYSv3CrD5xl24nDTLt1PjPnH8blcLDL3i8krthhbYluXsiUS6_jyGed51sqJnjndEnGAdqqN2ybgI3kqyVI7cLL8VD2T0BuDSKx4pQY1sZkC5_3n3hI7gOxyXdROcJzzltibetpy6frCCxNcDLmQaH4kSVGRWVWrjSbSw6fT_g6qbnSHx8SasY0ynIWlRoaC8GK-B-xC2az1-Lc-M55aopAwDnFQcNEROooru_ddYcl7mC25vug-XBGvyJ-hSD4wsbUX6t-DXEt0_1cyKGUL_hpgGi58EHe-ZQXTpGV0SUYwVq5M2dIpjg5T_5VyiL0mlHwYY0WmoQESMoceFWkU9klsEjDVNg0e1l8fci7-w09oqlKr3vDavnxxTisxAw9TSbl75gu1AY5ALEiDoONiP3zbUPDW7p4aAbfNwdyk5UxiUgto9tPuhS8wK9ReIqXkHzmiPFg69YZByGF1MZFdlp9Kra1WsJltu8mPVzH6DhArSPXiBpxrup5wdRxJXOwvupeRzSpg4RgoVQt8nw46NxM6ziwApvbnmCSrbR62dgmZ0BMe6l4RTlBAth3i6D17B31l_jjrVwWAXk33NnV0mbH8gCBX7uyidVGYRTNufkdRuO7cKY6wpKISqobzi3lkzxydJp7hjuKzNyi0lEr20IwT-2Qr3glOX13_3PtuJo12A_3mqyvQyVZ8Zky4Vt0cPu8qJ0sdtjQk1f-f3xaGkcJWQm2WsajaR5bGLBOoaJ0DTYzAvlIWnt7A-j1uoKR4Q_vTGAmFQRsQgp-HDnc2qlqTMURUojID31HXhHSZ41ApAQvDCUAATbtCE3euOIAIRhjUfQ8R3dUvf7feJc_dnsF61A0_y0J5m6BCGohRpAxempoHuV5SJc4gNlDLk0kMOmDyuQDI09ZFDJA83MGHYOwehZOTCkY99hp_a8i8nwLzhQRShnZNG2ed2n6Ttu1UVoCj1cHvrQZKPnud7HoOyxzXmsrdJ63j8tdzJJApXJbbbXl1RZbz4fgP318ebun32arARhyJbsCKOrmOv5Wzyov6PclG_ns4U8LhcolG6wTG9d80ZCCb5TkxffHpz0vE5MyLyADvwC9I1QEEQGILrKFJbeZ_h7hznHZgj9Yy-bwZv0j7B0Tpl63tZ_CGUVUZbQ--t5mOWmrkuBiFYaQO4hkvvawDiiY2Q3eP0Zmyzg4VTpWEEpTH1l8b-_8NH6u6cqkH-p6SF04ijOkuuJcsCMk1aJNXT9pEUUQUa5P_EBQ9IXeoKox3VAo46zqbnS2vdhMa4c5slP7zhEr86Fz-5rTC9vGZ7EbCtthYikvGlwd_6tWtIn199g0z8MVevampv13FJueDM-FdrxzFCng3YEhOcRsvGIHcv76Yuql6XcYxzEu83tbRbFo22OfcsvN4H0n4wIsf9upUsnjuKRf8sxGPVOBUr58IdMxH7N3emlkvaKP9dbXfy2KWmZs12rmvJ89BAHRIF2CDiqxzvP8bdIjHV4KxZFHQZmdBaYLuOLPggKGpB0sobV7fxQIm_L_4WMhrO4eV4-TPLzNnuZyxMJL0kMV2X_obdq7GPMhzZJLBbVM5wiSGTMMD_RjbOtXVDIoPyrIEz_VZENlylXF-Y-spr5AwamgIsDkPc7lrbtQh3vAFgrK965vSuZITXQPSt_NGH6HPg&cid=CAASJORoG4qEGwZKmf3wFwjVoP2-BNybZIMLGEnVnKwwPiNKi7n4Ug&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:58:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 8917 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ANGl0DmY3zuQMsGUKWJifej-zhqlN6vOSnXN7RLbEVqgWotb-2eneyGRXpEnJY8NtRAAJqxIoIFbOuU9J2LrerBhyIxDrF6c_E7_Ch3fCnxEtPYdiiWAanxGsuTCtGaCOImDbNflQ2rE2pQchtUE7tAzxKmg&dbm_d=AKAmf-BogxxTSOHhDPnN_sYj8cuSlIsv34mZK7BC_EQX5fHeGti71WTdfKVkK9sLfZUaLL2XZBs6YcwNqz1Xli6aZmzvF0_-g-dF5N00OJaP1mnzntpVLS1_Nbj6pgyd9qwTko7KaXdFO1zcRtJNqO0tNikeiZCXVFHVkkXqHx0w4H29HNRAie4i9rjBG7ecFXUaZtmFqRnAKYyZ5dZwkMtlTrr3Iq9xYoJWz3wzPvh0z7nz_rp91ZUZOz1BGs85eeKYiOpNzmBUWfObYMa__pYXK5dGrqF-FqJPUhhq1YKVjQoP3WR44Pw1qsi1zibEHKP6VCVmN23S8pDcaMgKOm8yvpHIm7D3Vd8eN81fz9h2ZGL3g_rpg_tkNLv2Kg0njd31pA6qBXx3kU1dHm6K0XNEI9M4CXMGp6taKL-kVlexDGO1sHBoie7srzPeL8nzNxOCApjkp6lt5Z4E3QFBF-9IfHfvXvCWojGcw4kDFg53VFbBSTuZ2shcyQ3GL3zToTSkbg6IazrbtIWTl6J5IQeb8fGEIrG8aHg1Q59NJPzUT2ipd_AVgGx00bxkBGeslTRSc8tdB4phMLe0pYcG5_5l2Kq0SBN5THHCeWag5AtuRYf-VNrrh0c5Kor25Y6qPCaWhoHVucKS_OVlvddwYVE-jCKRnWWekzbyn1fIbR35WFiqOAkbsh9BWyF1ZgHQfZrUUb1c5F4Xwv3FbtVdyVzl_-z3HR84AeN2A6j181VXw_6jpVaDdGgff-t9ACfqCh23BOu1Rr29T8ZlgrWc4PidS9tbk728MLL3OhlH6WvZAxZoKu6v2utXbrty-y3oxA1oA4iQyIGZ5yyq_JaipCXViY3ITNMkZUrwsjRTZJ1ktmjXS72lpdMpAFVblSFVZc8gjdnKjg0diVAy5gfRcz06Y5UwXsIHz9pGJ5107h3BZwH-tvlpDaU2iRsBFIRcoLtVajCmFiB85MPjdVynTUSEkvkgRtxyIuZ-muGCdCSF2LJikpSigfUQ_gh001cKjmqYlXzBeOSaZL8aouMW1p3ppNYCc0M9-k3W2Ci61sdG_okMXs7dGT6Rhg1U8uGFJNCHEfCqKUAvqw1s8RQXR6BOffQjJh4EveTxqY809OQWk8ZvYBOlQUngCy_25rg5sYYAgtu-FjGcKvpV4Bf4D6VPTkX0ui0T-LnmG4AqKs6GYzcI5XSBpcWc40l4oNaxBiqc2BQ-0r1YqoV40-Kd-L9UTW_kr3BuCqO_rHzVIfnmJYrGfpJhNlWZL_MhRUApXusvOVyQgzRuxuaZ5jH-lr-KPW7S6AFl2NhhZDh2YRNpJEvD-eKT0LtpDHd6t6cAHIOUGHBGvG2O8inYuKRJKZhwBzaxQ-pqSmGFhihK3wpfEqANcONXFCac95Tga0pA7uxzPDLU_RGI9_zLIa1A-OCBeheE7rOr-heIpvhe97bOJ-i-5mMR4bMdEokKJuodyLCrxRj7Ba4MVKyGMWcrXtaRzNHbrKrgrqMs2uHIXeYv8KT-y0PRpHuJn6hCEqCKoDaBUsWDwvRCUCp4iA9WEiX1JLubL0kNaI42Hz4fHJVRdQW2msYIeZeEn36b7yLMqgfyrgj_Grr1B-2UV5e5Tmt1GzSbsuvyHf_k_zwkVbCWM98i9IqjtXguBqgg2C-ccCPjKo5u6HYs7_88C66UfK1QNeXaGJScoskO12nBP1xK_oJkauBtJ2hTtWB00ZQyBU_fJTCzNgOGMY2gEN70S0hH07xOcWk7waZ2LLWWyHTAAARRyVx0u6MXg80DMrSwJW9kQMj5Z9iGRF-KSzn8dbWRj2i2IGfu_15zmoEFzpdrjBjzYCJy2OBHEmv8BbLpBRPtqCqIoasbyxQ-9mFogp2FLkYSv3CrD5xl24nDTLt1PjPnH8blcLDL3i8krthhbYluXsiUS6_jyGed51sqJnjndEnGAdqqN2ybgI3kqyVI7cLL8VD2T0BuDSKx4pQY1sZkC5_3n3hI7gOxyXdROcJzzltibetpy6frCCxNcDLmQaH4kSVGRWVWrjSbSw6fT_g6qbnSHx8SasY0ynIWlRoaC8GK-B-xC2az1-Lc-M55aopAwDnFQcNEROooru_ddYcl7mC25vug-XBGvyJ-hSD4wsbUX6t-DXEt0_1cyKGUL_hpgGi58EHe-ZQXTpGV0SUYwVq5M2dIpjg5T_5VyiL0mlHwYY0WmoQESMoceFWkU9klsEjDVNg0e1l8fci7-w09oqlKr3vDavnxxTisxAw9TSbl75gu1AY5ALEiDoONiP3zbUPDW7p4aAbfNwdyk5UxiUgto9tPuhS8wK9ReIqXkHzmiPFg69YZByGF1MZFdlp9Kra1WsJltu8mPVzH6DhArSPXiBpxrup5wdRxJXOwvupeRzSpg4RgoVQt8nw46NxM6ziwApvbnmCSrbR62dgmZ0BMe6l4RTlBAth3i6D17B31l_jjrVwWAXk33NnV0mbH8gCBX7uyidVGYRTNufkdRuO7cKY6wpKISqobzi3lkzxydJp7hjuKzNyi0lEr20IwT-2Qr3glOX13_3PtuJo12A_3mqyvQyVZ8Zky4Vt0cPu8qJ0sdtjQk1f-f3xaGkcJWQm2WsajaR5bGLBOoaJ0DTYzAvlIWnt7A-j1uoKR4Q_vTGAmFQRsQgp-HDnc2qlqTMURUojID31HXhHSZ41ApAQvDCUAATbtCE3euOIAIRhjUfQ8R3dUvf7feJc_dnsF61A0_y0J5m6BCGohRpAxempoHuV5SJc4gNlDLk0kMOmDyuQDI09ZFDJA83MGHYOwehZOTCkY99hp_a8i8nwLzhQRShnZNG2ed2n6Ttu1UVoCj1cHvrQZKPnud7HoOyxzXmsrdJ63j8tdzJJApXJbbbXl1RZbz4fgP318ebun32arARhyJbsCKOrmOv5Wzyov6PclG_ns4U8LhcolG6wTG9d80ZCCb5TkxffHpz0vE5MyLyADvwC9I1QEEQGILrKFJbeZ_h7hznHZgj9Yy-bwZv0j7B0Tpl63tZ_CGUVUZbQ--t5mOWmrkuBiFYaQO4hkvvawDiiY2Q3eP0Zmyzg4VTpWEEpTH1l8b-_8NH6u6cqkH-p6SF04ijOkuuJcsCMk1aJNXT9pEUUQUa5P_EBQ9IXeoKox3VAo46zqbnS2vdhMa4c5slP7zhEr86Fz-5rTC9vGZ7EbCtthYikvGlwd_6tWtIn199g0z8MVevampv13FJueDM-FdrxzFCng3YEhOcRsvGIHcv76Yuql6XcYxzEu83tbRbFo22OfcsvN4H0n4wIsf9upUsnjuKRf8sxGPVOBUr58IdMxH7N3emlkvaKP9dbXfy2KWmZs12rmvJ89BAHRIF2CDiqxzvP8bdIjHV4KxZFHQZmdBaYLuOLPggKGpB0sobV7fxQIm_L_4WMhrO4eV4-TPLzNnuZyxMJL0kMV2X_obdq7GPMhzZJLBbVM5wiSGTMMD_RjbOtXVDIoPyrIEz_VZENlylXF-Y-spr5AwamgIsDkPc7lrbtQh3vAFgrK965vSuZITXQPSt_NGH6HPg&cid=CAASJORoG4qEGwZKmf3wFwjVoP2-BNybZIMLGEnVnKwwPiNKi7n4Ug&rfl=1%2Chttps%253A%252F%252Fsalat.zahav.ru%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:55:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10526
x-xss-protection
0
server
cafe
etag
4815257668744283084
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:55:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 58CE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 09:42:41 GMT
main.gr.19.8.327.js
static.adsafeprotected.com/ Frame 58CE 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.327.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481225368&pubId=1&placementId=396821589&adsafe_par&bundleId=&dealId=&bidurl=https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa9efa00a715700d9dd94213288ca6924c7057dd521206c6d88b314bf096d788

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 18:19:16 GMT
content-encoding
gzip
age
412847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 19 Jul 2022 18:19:05 GMT
server
AmazonS3
etag
W/"29895ca47eaa0e27860bfbc1ef717cee"
vary
Accept-Encoding
x-amz-version-id
NHzcLihB4moHfQbnMqJAhSXgaIBWnCEe
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
D6UZA1RT3YMKhgmjen1CKD7dgpAeMRpKzgmN3Cm9xZxof95rtV9Rgg==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3530 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 13:34:31 GMT
etag
48472445140208031
expires
Sun, 24 Jul 2022 13:34:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 58CE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a754c1cccac5b978b49a6e0061dfa05a554fd8be39789ed5a2c69c19d52492a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8A3C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 09:42:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8073 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 13:34:31 GMT
etag
48472445140208031
expires
Sun, 24 Jul 2022 13:34:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8A3C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fd2327c0977145ad39aa0a8363647e257a84b60c729ccf2fc495c4afe0996dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8F72 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 09:42:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2B73 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 13:34:31 GMT
etag
48472445140208031
expires
Sun, 24 Jul 2022 13:34:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame 9918 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRM2Si-2HS4NgQUtfkfxWP663NX2dQoa1PWHu5UVMeaxORQ-oWnz72eeqKUkWT17SFCjj6EZq2Zyu59smbVlK-7Yn4aMQ
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
truncated
/ Frame 8F72 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
587e3d2fd326c201f7c5a9757aee27a90db9b48c256c8df29b00a885ef07082c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9918 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9567d9c2d5012c7282f683ac1252b842adb1df2d5e17e16873bc53af5d8a3b52

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8917 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 09:42:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 09:42:41 GMT
main.gr.19.8.327.js
static.adsafeprotected.com/ Frame 8917 		186 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.327.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=15481225368&pubId=1&placementId=396820527&adsafe_par&bundleId=&dealId=&bidurl=https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa9efa00a715700d9dd94213288ca6924c7057dd521206c6d88b314bf096d788

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 18:19:16 GMT
content-encoding
gzip
age
412847
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Tue, 19 Jul 2022 18:19:05 GMT
server
AmazonS3
etag
W/"29895ca47eaa0e27860bfbc1ef717cee"
vary
Accept-Encoding
x-amz-version-id
NHzcLihB4moHfQbnMqJAhSXgaIBWnCEe
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
ysq98J5kIgghNu_-wv9xQE9ebPD4qd-L1wggrIRtAiVqj7SbGfKB_g==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B3FB 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
84331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 23 Jul 2022 13:34:31 GMT
etag
48472445140208031
expires
Sun, 24 Jul 2022 13:34:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 82CB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:02 GMT
expires
Sun, 24 Jul 2022 13:00:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:02 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8917 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c206ed7a05f8f7c87339fb729d985e0ce4bab5b615aae94db6878c341cae57f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BAC7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 04:11:23 GMT
expires
Fri, 21 Jul 2023 04:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
google2waycm.netmng.com/cm/ Frame 3530 		0
0
dpixel
cms.quantserve.com/ Frame 3530 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPUvUzyAQEcjpzebVdCzoCs&google_cver=1&google_push=AehlK4BhB1K7JpiMx4w79zmBxEujlslp4DxIaIaT8Ff-1OkLjc_xTSrsXmrSEm5jGzTS8KmbjHrQXlqQugQScyiI5KuFEU3j9Dhjrg
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3530
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QXk2NVJQT0kxT2ZCZGc1&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&google_cver=1&google_push=AehlK4BzVWuUC8Uw7hfC9EjwvI5IXaW5UUA86kj7PEBFnR7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QXk2NVJQT0kxT2ZCZGc1&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&google_cver=1&google_push=AehlK4BzVWuUC8Uw7hfC9EjwvI5IXaW5UUA86kj7PEBFnR75zKRBlnWZ5RKPJLd6ZBRTzKIKs1f06Ra9rSiVEghfoDbvllIEnDM3cQ
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:01 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-046b02221141da501@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=QXk2NVJQT0kxT2ZCZGc1&google_gid=CAESEFp7eZ_sVFCUNPeB9g1zAco&google_cver=1&google_push=AehlK4BzVWuUC8Uw7hfC9EjwvI5IXaW5UUA86kj7PEBFnR75zKRBlnWZ5RKPJLd6ZBRTzKIKs1f06Ra9rSiVEghfoDbvllIEnDM3cQ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3530
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CO6AkXyCxbfbQmSVGo7zDiWNZClF7DVEEnlbtvHnH4-f9HmDH9lT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CO6AkXyCxbfbQmSVGo7zDiWNZClF7DVEEnlbtvHnH4-f9HmDH9lTYR6vHmWd_DmRmoW_wOsa-KaH_40gYdgDJrhEOB6indOA
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1658667602.459390,VS0,VE93
x-served-by
cache-hhn4027-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CO6AkXyCxbfbQmSVGo7zDiWNZClF7DVEEnlbtvHnH4-f9HmDH9lTYR6vHmWd_DmRmoW_wOsa-KaH_40gYdgDJrhEOB6indOA
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 3530
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNrmFXQS...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNr...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MjE3MDEzMTA0MTM5ODAwNA&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNrmFX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MjE3MDEzMTA0MTM5ODAwNA&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNrmFXQSH_-mctL3N9MgfrktS8mp3w
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Mzk4MjE3MDEzMTA0MTM5ODAwNA&google_push=AehlK4BNVXhAC5VcE6-x_wIlXM4xBMcIN0F99vsGraylNVxVq1PV_SZRv0vSZB8HFhrePhnkLNrmFXQSH_-mctL3N9MgfrktS8mp3w
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 3530 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMmmb7j3PTZ5VNwhi9WfpvE&google_cver=1&google_push=AehlK4BJAhdPGze9llIhZS3BZubxGvg0KyaqhGJl9_ZmLKxhHMOLUwam4IKu52PG_kb_WOLwa4H-FOf2o9oU9zz28ILRODf2o4CwCg
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
u0gefa4qs40k3lnpiiijh1rc0raeabuq
pixel
cm.g.doubleclick.net/ Frame 3530
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-5ddf9a0b-9fa3-47e7-8ad8-f780c79285db-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4C2OdLBkTxPVwBKcH5cc...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw&google_hm=A13fmgufo0fnitj3gMeShds
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw&google_hm=A13fmgufo0fnitj3gMeShds
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4C2OdLBkTxPVwBKcH5ccYalTOR9laozwKbNrqkDu-YADlH9XiwmA6B7u9rw7xoOf-sUbJOS7V1uObUqHaPM02-SyYKUGdNxzw&google_hm=A13fmgufo0fnitj3gMeShds
date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5ddf9a0b9fa347e78ad8f780c79285db003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 3530 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2GXKUeca51Bl3ABJvihcUdshk7odC_F9uq9j4P8W0UyUHmLuuhIwUfLFEMP_rv9Qcw_L9
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B78E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 04:11:23 GMT
expires
Fri, 21 Jul 2023 04:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/4889160532300580337/ Frame 985B 		1 KB
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5978ff27b2ea2c95abefefca52d591ac153475bf8a36c71969e9bd06fd5ab23b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
584
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:02 GMT
expires
Mon, 24 Jul 2023 13:00:02 GMT
last-modified
Mon, 25 Apr 2022 12:30:44 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 58CE 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuluN0QH0Q9vDbM6eRel7nPYfXg9eY9iIfPYpQ_KmVD2IibMy_3ALbK01nmuyxiOw8ai9bhN1Xb3H4YROGZ6T7_pRksqnva1M6wc0P6bRn9arQQEiwedqOpLUezlXcaHoycZSGHSxfZdixSSVs-AybhavFyeUieC--hG2icOkvXoYghj98Dz5DviRtg4ceQainLZn37CmftOQ0caf7WvWMLVp7aAgfO0xWsZr3s846lF7JaCNuk8sKOes1Jb8XYTT3DSzDm_bmWRiGF-PmHRrXTbyrxltGnb9---pTPgZ1okvBXHIBUlc5VfAI3eoa6-Ev-whTT3Gt2Xp7mDe5Uo0aWbpkoYxbCi4NRsIvcgZ3RY7f4RGqz5ZS3l-OgwuFm_jhSC9qYd4ixOay8HQQIeljuMrraz82HwdwKitGnd94ZX9dXI9eIx4hEWIDV5I73O3r11To8V6mmpQ0WN6odEA25Trg8fwsB17Jeg5KGQt02IfYwTlaeTTpTenOlotFSSCLgpmRo8dttteNLGAIze_UzttJb4DXqEYpkjbIGv79HUsRcesjX2igQ6rczV3TYND_r4A-rf9J-hDbsIigU_eVtSozFgYnz56xAmNhtI7hrmvmysrSQ1QwMpGKVOAXZQ116d0i-k3V9MCz0lHSYjYK8x_h-ZLpf_mV-Xk--ALStoDJ5zgKL5GrTbucu14Vl5BKpZGfG2_kWF00HPRgInZ16O3T7Zyu3eiS-vYw3ZTaQ8GDUUu6bkp_Qja4kdjGNYP69zbQ62LycYNTwUdmOzX_bNIlVVnRGwE8uQBlQfrIhv7Kxzk3lYYXRjX7TW6TqBC7lpOkenxj-MwxMaGYnDcIkhq4O9oSU_4PijjG9P2hJjkFS3YhVHe-Q5oT1h8yAE6UIiymkTsIj2YMUae84vDsVwv-lz4eLnBo2CTqFM_40qZcVvngoojoqbBIOblM8-K3G00LChWm9zWBuCylh29OVv_oYkE4GCL0H0tUQcHHaQytgNxe1y-aJcxGSdEJrrNQ6zBWPTBN_bjztp6D679UF2R6wixRO10mZw4jnHKiTojJswPPFp5EBD3ASpVoBjzUe7TYldfxJ26sBEk4zlWn5FZsJ9fUpEX2Zx5Ra5lt9ZkKDQpYn4QiPouAY_qCPk4OebRgFbJSBBQkldIdxHKWSRKDq4ccvIm10nUuvkZkhBVEBdvo-T0OZLr_gf9JbGUixQAP7wke0H28GrbeT2yS2hsI3VKSJnNsAjgU&sai=AMfl-YRyfXyU31L_j66sd1ZxrmE79HpGABKVYD3ShR6umT_cuTG5Ckb6Zt3gNk-anquYP795PwZfY5ZUOvwD5ZarDuEwHoCjQlHgeDef1c5PPBK3-KAbnvs13ZmlNxd7o5fcOKb3fRG5L1nelRmjWoATuXPOc9N8lDPtzBeFmhTwtkBx2Qj4VcFat0Y88AK0Q2OKofAFtNzxIzdjLJLiwSnOkQ&sig=Cg0ArKJSzAkX6-wyhsAnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=288&cbvp=1&cstd=283&cisv=r20220721.35172&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame 58CE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=162827980&extPm=322983793&gdpr_consent=&gdpr=
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.8 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
So, 24 Jul 2022 01:00:02 GMT
Server
Microsoft-IIS/8.5
Date
Sun, 24 Jul 2022 13:00:01 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
RTL_SF_TOPDOG_HPA_300x600.html
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/ Frame A4A2 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e791fee39bda4f5c786428a56c3e3c31d3bd81a4b87b7ce297440c08a451c454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1557
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:02 GMT
expires
Mon, 24 Jul 2023 13:00:02 GMT
last-modified
Wed, 25 May 2022 12:33:30 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8F72 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_tSmVjVzFpcJKELIdj9DO5WSytB7kpDDqx0k8cJ31P6sg7p34YUGL3Fqi6nShDq_IMGWb1E2z7-0hv-Q2UV2ImPaNUWQ1pGdkR8wHhwMGkocYknxK-uxgQ9hhaWCfADnDlaF0zDrg7EaRUZqJvBo84UQVdH6Nd_M-lcgZ91ptAy3s6JD2vYlQCE0H6zMsjad7b9W65GBTqV9Nf4p3uAFD4dVnlDuZXynZjX_pNgu73-_GD2mIWXfugk3Y8QPFWczoSQwtlNI9W8PlMvmDPEAYccaTrrb-cvg4au2d0NMqs0HJ0LlHlkq0WZ5CHe4fAMb8-3nVA8pOKg-nHdHooglng4QApE9oKPaZdK4FhtQmNaLkjISomz9yb6J4nRtokC5_VGV_Wfz6-C8iJTSesYCRvZ3iUuiYekHA9Cvpi4J7wO7OOA4qTjLY9KTZmGZGAcz85XiBjLCZCHONLV1MHb5Yys0CuokdQywE3othM2fe_y6ogJP1qaPSMd4A5rkMJj1eQEm9y8gLHZLOqWkGYyh6wFYDO8-ArdmywUmUKAN8VfEh0tAgofN5iQHTA_uMyzOH4bR7CrWeszHJucWMSMdrvV3xULMbIgXyspLlo65Zriq-7FVfuaIGhAV8vFAYcLoXqfK3dC8aqmhDzk9hwiL8L9dtbFQcVdbRGERlLCWplcOsQzofA9W_YzFPSEYfxx27OczejkU1904DEiKzzes_Ijv-UQdNrN-f2bG1jRCOtExq4rNEschlRbw3ozF1nHqpMYXCfHut8eIRBUwQIIKLwVGn6W2UmqhLh2toy3ptJ8uZEzM1EsB-C-wFFJ3-fdDTZWhzZyPMjESRX3ylQEjmtqKnNPMgX3s62HHIP-usBwvcaryPCRlNf4n8H8wkvPIBp_ylJrGdYnM7tLahSO3n2YKy_aST0MMZ3g4zRPpXLim5u9t1ohn5Feb9lYiqK7cUM6yqJJOWEdaj7IbDQEWONaECUxbbd_EF8NCnAnx4vTg9xkeqQvjqtuCJkZd6oKt2l4OseioWOr2N6b8iUXthbnQfJp0CJSuy0yD-M5TuziYTZxeFLy0USlMXC_Au7S7mld_mMC_ZcDma6a98fYBECUU_BbLJCQVjqgSbJClNeQfY49Ukkue31kJkQ3LRdizCuz574RaP1QIez0goTXuqlLqQPXsvQaz9GIm7yQAIU0V5sl7v-udJKDZawKjcOz8P&sai=AMfl-YR5Lo_ftBzu9YMCAFKCz9awMaBGLlbFlmibEM7HDLZ_n5pgjbZfMu_bM43C0GFBaOFLyCmn99AB3rFJkEhIxe_I98wN7V8BPvtZw0yd_HJWfljXnXgQvJUNacWoF11OdChVK0M4ZCRP5uOwNMKE-ku0ZetD0QA79KAbvNySTey5HIcQ_3ddMeQcCir1AO1rmVLhilMg7N6PZN20ieXXxw&sig=Cg0ArKJSzHNFz3GOUuNuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=222&cisv=r20220721.06375&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sca.17.5.12.js
static.adsafeprotected.com/ Frame 8D02 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
5977529
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
knSTkE20Tx9N6CPEIiTxFqN7A2cOg2qhzaagPVvz_QohKO-zj9GT0w==
mon
pixel.adsafeprotected.com/ Frame 58CE 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15481225368&pubId=1&placementId=396821589&adsafe_par&bundleId=&dealId=&bidurl=https://salat.zahav.ru/&adsafe_url=https%3A%2F%2Fsalat.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F25423005de63fc98833252de3157339a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F25423005de63fc98833252de3157339a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:99590a4c-e2c5-7f65-d2cb-99e3bc80108d,c:jhZBaL,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-69659766b-zz6nt,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:172,mot:0,app:0,maw:0,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1%7C1a2,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:192,oid:87af38ff-0b50-11ed-87f5-3e2c30e53842,v:19.8.327,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.251.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-251-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBaN,pingTime:-8,time:193,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:193,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B16~1%5D,as:%5B16~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8073
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGqm5Ltc4pFTH9aleQYuNK4&google_cver=1&google_push=AehlK4DCUteXLrO3WaFPCMFb07g1ZmlJKf0bO-BWkTgvgmR_O4H1DFdntukyA002FdpcidFsNd_fyhgyWbtd9btY2gLNeTeto3xW
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzkxMTk5NTQ4MDQzOTcxNzQyNQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGqm5Ltc4pFTH9aleQYuNK4&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGqm5Ltc4pFTH9aleQYuNK4&google_cver=1
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGqm5Ltc4pFTH9aleQYuNK4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESECgYb6zYUj__Nqpp47RKeQ8&google_cver=1&google_push=AehlK4CW-0NIlXB-qNyPIRwaiZo2qGwerhZxAV7yLSEPWvZaCWxBPmPrkuJ02RdeqDgcMSwmmZ-2Utp4SuT9vuBH_ztx0wRGSlVZ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5DE7F0A49D405E9450AB94AAF984AC&google_push=AehlK4CW-0NIlXB-qNyPIRwaiZo2qGwerhZxAV7yLSEPWvZaCWxBPmPrkuJ02RdeqDgcMSwmmZ-2Utp4SuT9vuB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5DE7F0A49D405E9450AB94AAF984AC&google_push=AehlK4CW-0NIlXB-qNyPIRwaiZo2qGwerhZxAV7yLSEPWvZaCWxBPmPrkuJ02RdeqDgcMSwmmZ-2Utp4SuT9vuBH_ztx0wRGSlVZ
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Jul 2022 13:00:02 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5DE7F0A49D405E9450AB94AAF984AC&google_push=AehlK4CW-0NIlXB-qNyPIRwaiZo2qGwerhZxAV7yLSEPWvZaCWxBPmPrkuJ02RdeqDgcMSwmmZ-2Utp4SuT9vuBH_ztx0wRGSlVZ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 23 Jul 2022 13:00:02 GMT
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJoyLD9OftbTojPNA0ef-sc&google_cver=1&google_push=AehlK4APGWd1n5LTY6LSK25J0QbD1ZLYfZ_FtEj_npLrd2vNmT0XqFEtv5Ny8x9l7VuoliuPgYgoob7paYTQuKf5...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4APGWd1n5LTY6LSK25J0QbD1ZLYfZ_FtEj_npLrd2vNmT0XqFEtv5Ny8x9l7VuoliuPgYgoob7paYTQuKf5sEIw6AtcFnkU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4APGWd1n5LTY6LSK25J0QbD1ZLYfZ_FtEj_npLrd2vNmT0XqFEtv5Ny8x9l7VuoliuPgYgoob7paYTQuKf5sEIw6AtcFnkU
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Jul 2022 13:00:02 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4APGWd1n5LTY6LSK25J0QbD1ZLYfZ_FtEj_npLrd2vNmT0XqFEtv5Ny8x9l7VuoliuPgYgoob7paYTQuKf5sEIw6AtcFnkU
x-host
tde-deliveryengine-production-78dd496b74-q9n95
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESENHMR5GXlzMJ2EtPp1jVfU8&google_cver=1&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOI...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESENHMR5GXlzMJ2EtPp1jVfU8&google_cver=1&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHk...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOIkOBtsDwL&google_hm=RC9x1RewTJKF6YW-_K5k3Q==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOIkOBtsDwL&google_hm=RC9x1RewTJKF6YW-_K5k3Q==
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOIkOBtsDwL&google_hm=RC9x1RewTJKF6YW-_K5k3Q==
Date
Sun, 24 Jul 2022 13:00:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1UBqyLR...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMGU9OoZ6o404z0wMm0ysKw&google_cver=1&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1U...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA2Mzg1MDMzNjg3NzIwNjY1Mw&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1UBqy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA2Mzg1MDMzNjg3NzIwNjY1Mw&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1UBqyLRJKWeuDJAsmyNyszlxEk
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzA2Mzg1MDMzNjg3NzIwNjY1Mw&google_push=AehlK4C7pjcHAjONdhqvZn0skuBGwv-lqfr7g47Cfs5P-DD2uiqOGyJ6SPK0WYXC11g3Nk9cA1UBqyLRJKWeuDJAsmyNyszlxEk
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CfXL77v_-n6lE29YWPVjJUYfkQMOuSR...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CfXL77v_-n6lE29YWPVjJUYfkQMOuSROShvjDgs9KKzvPjOLa2ponYADF8mHZ-lYJtzQdaqLu-RMYC-XeS8ShbWMDpEyhN
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReZGO%2BZvflcp1st3AthvTWYkUxjZ1YZtYnFMVFbgxZSkOytZVuPitKk4x3lfdxYAb3QlxA593LEE5KDkv3vv6o3peuGGePBssoysFNO7CsrvqQeQsuJ0uZH3XAay0J29mOFKXNn9wv%2FDSw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CfXL77v_-n6lE29YWPVjJUYfkQMOuSROShvjDgs9KKzvPjOLa2ponYADF8mHZ-lYJtzQdaqLu-RMYC-XeS8ShbWMDpEyhN
cache-control
no-cache
cf-ray
72fcd623897c68f7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 8073
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKgaKb7uJXdHKUu10gGPzGM&google_cver=1&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2X...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKgaKb7uJXdHKUu10gGPzGM&google_cver=1&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2X...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2XJXMnLLaSZNt&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2XJXMnLLaSZNt&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 24 Jul 2022 13:00:02 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4C7qZ99e85xE5ujYRvlxFNxVvdQc68KelKs10iOqtSIRc3jm6pNYmLZue_dfCSczMBeqmpaPNuKHgfeWnp2XJXMnLLaSZNt&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 8073 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Is8_VqkW5xsKio84yfjRKygNUIlOavbAxsBZhAgyYif54rFvwVPfp-Q0uEiqDfnJt5-ZVY
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBbf,pingTime:-3,time:221,type:v,im:%7BpBlk:205%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:191%7D,%7Bpiv:0,vs:o,r:l,t:221%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:221,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBbh,pingTime:-6,time:223,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:223,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:salat.zahav.ru*&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame 2B73
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CkpyxiYnCZvbmG0p-6T22EqlM8UCPmFeX9CNda7d_3sBULtdtCf5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CkpyxiYnCZvbmG0p-6T22EqlM8UCPmFeX9CNda7d_3sBULtdtCf5uKpJpWtXLxZPc7EaVK6juyNLiTGmuej1lKwx8BV48
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1658667602.466312,VS0,VE102
x-served-by
cache-hhn4027-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEK9UXx_fozr2L1Nk8lXMvwM&google_push=AehlK4CkpyxiYnCZvbmG0p-6T22EqlM8UCPmFeX9CNda7d_3sBULtdtCf5uKpJpWtXLxZPc7EaVK6juyNLiTGmuej1lKwx8BV48
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 2B73 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELaIvKkRnM5d9k7-k5dWtTQ&google_cver=1&google_push=AehlK4DmOeDhcrWHQK0AdyA7rl6SRlhRHtBiudvoUv_zzmabDV1rjk72j2Q1hiDe1tjtCQDdFmfH5ktLDqtbvsb054FzpfOGyqY
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
gg_pixel
sync.adaptv.advertising.com/ Frame 2B73 		0
0
pixel
cm.g.doubleclick.net/ Frame 2B73
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMeLGV2kUzV_-BnqogtK3qM&google_cver=1&google_push=AehlK4AxthhVO01uvYaWuBQQzlF38NVADYoPhc6ksHmyVMQ_l3tL2Iwqv5KctLK84x54ttutFbwF3Fo5EP-SU8f-TmQ68wc...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AxthhVO01uvYaWuBQQzlF38NVADYoPhc6ksHmyVMQ_l3tL2Iwqv5KctLK84x54ttutFbwF3Fo5EP-SU8f-TmQ68wcoGLY&google_hm=MTY3OTE4NjcxODYwNzQ2MjM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AxthhVO01uvYaWuBQQzlF38NVADYoPhc6ksHmyVMQ_l3tL2Iwqv5KctLK84x54ttutFbwF3Fo5EP-SU8f-TmQ68wcoGLY&google_hm=MTY3OTE4NjcxODYwNzQ2MjM3Mw%3D%3D
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Jul 2022 13:00:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AehlK4AxthhVO01uvYaWuBQQzlF38NVADYoPhc6ksHmyVMQ_l3tL2Iwqv5KctLK84x54ttutFbwF3Fo5EP-SU8f-TmQ68wcoGLY&google_hm=MTY3OTE4NjcxODYwNzQ2MjM3Mw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dot.gif
s0.2mdn.net/ Frame 2B73 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBx5exfh8VOBQSXvP4rs0No&google_cver=1&google_push=AehlK4C9BRHiYAC2_oXdL2UmgkN7TgfDAbagoLIbXsReZsreDxtoIFZ-z8POsmzQl_EDlwLcrWBz7tlvGQR4v4tyd17Mcc15cqk
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Jul 2022 13:00:02 GMT
pixel
cm.g.doubleclick.net/ Frame 2B73
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEMSrqpVvCor9_wKkj68AwuY&google_cver=1&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXsdMLp3K4hDaEGrN4lpmAiSJCe6WvhQhTARzJZAFhz
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXsdMLp3K4hDaEGrN4lpmAiSJCe6WvhQhTARzJZAFhz&go...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxNTM3MDMxNjE5MDI0NTc5MDM5Mg%3D%3D&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxNTM3MDMxNjE5MDI0NTc5MDM5Mg%3D%3D&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXsdMLp3K4hDaEGrN4lpmAiSJCe6WvhQhTARzJZAFhz
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjgxNTM3MDMxNjE5MDI0NTc5MDM5Mg%3D%3D&google_push=AehlK4BGnY_AT0IIBgph_lw92r_Ma8sL-f78sAuuPZOkQWKXUaFiWsXsdMLp3K4hDaEGrN4lpmAiSJCe6WvhQhTARzJZAFhz
date
Sun, 24 Jul 2022 13:00:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 2B73
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEpm_gQmGyTsD-rV1rZJwoM&google_cver=1&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSvZ0UabYOow03Z-lgt7...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEEpm_gQmGyTsD-rV1rZJwoM&google_cver=1&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSvZ0UabYOow03Z-lgt7...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdmV0NzhKRTJ1RmtPb19RNThqQkJUcDVWaEZLUTNzRH5B&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdmV0NzhKRTJ1RmtPb19RNThqQkJUcDVWaEZLUTNzRH5B&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSvZ0UabYOow03Z-lgt79cmOItbJEWv8_EUB-uE5NHB1s
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1mdmV0NzhKRTJ1RmtPb19RNThqQkJUcDVWaEZLUTNzRH5B&google_push=AehlK4CE9njrzlrEKFLB5wAmNyU139ALSS8nepx0VLdK_1wTuTVtGDDSvZ0UabYOow03Z-lgt79cmOItbJEWv8_EUB-uE5NHB1s
date
Sun, 24 Jul 2022 13:00:02 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 2B73 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L8jpyPoUIEjvUr7Rp5_JjdePH_94-IyrkR238b-Dr59SN0CLwiYVBeMxgu3BNcilHSf00Z9A
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B160 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 04:11:23 GMT
expires
Fri, 21 Jul 2023 04:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
300x600.html
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
183cb622027842b52bc16b48af8a422f960368ea64f0da08bfa4e0587047abbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1657
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:02 GMT
expires
Mon, 24 Jul 2023 13:00:02 GMT
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8A3C 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYWR1-5VDppqe5Zcr5zHdDDv9OkMTrJlBrqrYY4bQp2581dHflZOHoAmBqCOOW088iiyQjHMJzUQPY0G5t-UC-0vZrhjMzKPDi4kwhCI9xXSXlYeH99gDxfNdOq43rDugxehATtoM5TdfDgqzKlpNMVHJnYDjw1tO4ERVkk-G8Ow76NA5B0GmgUwKRX4vLnCfwK9xy6ZUQdx4lIvoO86R26WbYancTCBhI1PzqqGp7_INO1Z4zPe87B9K-7WdCFejaEoR0plFDEq78ZB2ku5VWSvoZirWPEf7M3oMlO6FSBcXv6v2z2RPGR8aNnzXBDV-6uqsdnf3zJpNg4q-I2eVvDR6nhUxQGbITHyy4AoleBJcfuUsqhABFEVRKkwm3K5G991SSIVgfi6cNV0v5S7Ii8h9m74j8nSe-QlwEDATM8LEbwOIcMAFvOl_he_AgAogpNtkh98AHCX2agEM_Y4O9cVQiq_YaHcyk31RZw-Q3kQ2dBIkyBPbDdVjIK2AXhNS6p_K_0HXSVQ9DXdnbkPdhdc3eqU1ElULSj8ZDRQ1cR93PSfunqyadVHagJXggFVpZgjRGWk27jdCfcUk532VyUKuLOx2rcZspA2mzpPOoxDqyfPZsNzKUXpM0UDeDcXeSnsMFiCnCE1bPUC1yWJv_QMpmbG9-BHUT7e5q0Vly1FOkugSvr5DXa_CvlrZ6Sb3Yh-dQFSZPyr_hvkDgy2-zSztP-Kj4sHiy8z2T1fErvs0qNtIeW7xBuWzW88LRIhScGuPZljVxQXAMnAvdtEiCdKjTEDagDIAgfn_K6K00EAWp84Y048MLkrzvIyjatHWZxvBFKKmqoDHkVvMlvpCO9F8zKPFYRX934qdQ52QI-X0BbPAaZ7iaKxSRIL7MQ3b6Cn1p62fTY4KhUd1EFgtfYVWKKhyJt4Qtq3BHRadzc1GwcN-ivjcDkKApYZfK2pGqKXwnTmMFRPkBkGh8yiFXPS-ewv9i2XzQoMsLOtchrH1wIzkXGhjQOV2DXAEyB54aTkCUM7evC4VvqUIjUtU6BZhTgv-JdeAHjrABHvB1EGKm_hCPhh9rc0vCj7LwdgRCrF6Ruhsuucfsiea9X3-aT0Hw1lIdQ5cKI9pIrmG7FQGuA7X6y4AyPJo5LvQh1-fU0qyZx85-GtlwqtjL_MP6BaX62Efq2UaYTqrDIqmy3J7jLC2SlPPXuIX1_7-KpxYt&sai=AMfl-YT2vDhfg8rFgDecJgXzDmpVJRRVuT62QUoxPJCCIKo6PRk9zZ5K-cNoTP4UAfOXDVI0IuyyDf6Iyis3NU68_tsZL_gjvUc5ouddfvR9vukRg-1O1Qbogtfkd02SEjc587YCdmZzv-AyCuBXOpWGH9jtxCi89gwz039L0tnX6KVM9Kx9vNvhgDnOjnHtO9Wngl_kqtsxdO4Btqgnwy1tBg&sig=Cg0ArKJSzO66w6bizmPQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=342&cisv=r20220721.77996&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBbT,pingTime:0,time:261,type:pf,im:%7Bsf:0%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:191%7D,%7Bpiv:0,vs:o,r:l,t:221%7D,%7Bpiv:100,vs:i,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:261,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~970.250%5D%7D%7D,%7Bsl:i,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBbU,pingTime:-2,time:262,type:a,im:%7Bpom:1,prf:%7BbeA:503,beZ:504,mfA:674,cmA:676,inA:676,inZ:682,prA:682,prZ:689,si:695,poA:696,bl:708,poZ:708,cmZ:708,mfZ:708,loA:726,loZ:728,ltA:765,ltZ:765%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:191%7D,%7Bpiv:0,vs:o,r:l,t:221%7D,%7Bpiv:100,vs:i,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1,o:261,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~970.250%5D%7D%7D,%7Bsl:i,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a1%7C1a2,idMap:16*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:69,readyFired:true%7D&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0C13 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
290919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 21 Jul 2022 04:11:23 GMT
expires
Fri, 21 Jul 2023 04:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sca.17.5.12.js
static.adsafeprotected.com/ Frame 473C 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
5977529
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA53-C1
content-type
application/javascript
x-amz-cf-id
kN6D87RQ92OICG1f1wCxHUVcmgp_i0qe4tWPCuiGhZFYcqugPiQ_Ng==
mon
pixel.adsafeprotected.com/ Frame 8917 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=15481225368&pubId=1&placementId=396820527&adsafe_par&bundleId=&dealId=&bidurl=https://salat.zahav.ru/&adsafe_url=https%3A%2F%2Fsalat.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F25423005de63fc98833252de3157339a.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F25423005de63fc98833252de3157339a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:25d48fb0-21a6-4d5f-5226-23cb5f8dc6b1,c:jhZBcc,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-69659766b-bcjsg,rg:ie,pt:1-5-15,mu:10000,br:c,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:191,mot:0,app:0,maw:0,fm:tcvCdV3+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C165%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C1a*.925113%7C1a1%7C1a2%7C1a3,idMap:1a*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:203,oid:87af3872-0b50-11ed-bacb-c2eb5e592ae3,v:19.8.327,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.251.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-251-16.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
index.html
s0.2mdn.net/sadbundle/8756305257970053338/ Frame 8B55 		1 KB
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
461d107fc613d9f2192dc29ce8c55a4e7fae5015ea83f891a8eefc8a13015ec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
584
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:02 GMT
expires
Mon, 24 Jul 2023 13:00:02 GMT
last-modified
Mon, 25 Apr 2022 12:30:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8917 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHOW5_3NbrVzlTnX3297xk6ApdQ5zc_It8SK_h6fhEDRnan464mMqFTHY7oVCjDwzQz9y8KZODqs4WKMQhXw4hBUyQ3O0xbqYOXJet3z0_x_SQe3ypuQrZdIC4Sz5yU_VPFp4lejsA6gu0fKdTCYsb7VEec8nZfAd2VVMGOw72n4-qV6ByPMpdshtHXAatMux35YGyxsiuQS7wWotoHXvJiLWbWqYge8vLPOhM2yql1MEBIZ5aqMZqFyj9eg4Gv2f8kvUwLnQ5e7BuRxTPlqFFKegec5Y6bKR2JCev9K8r2Nq1SYXmy5d5aVX_MKNB8cgUIZeOrLJGj_xXqYTviMcoiT7mj7Lotp43MbcnkXgXRjCQzoB9iUmXeBgvXV2KqXZmShrRFcONVe8mcRD4vZgonlPJ1L-rhC9DM1hqFza5j4pAZctSGhhUs-dZgp9weHq_os_ftxoxewgJ3TUAtsvTzQ4HAeri5zVRvSysmTl1ckb-HK-FXxAqwJFvIBwfMmUO4vQnNfTZ6spwktvabcKvgNUP51eIu5a91ajl3fbVG9jDTqdMtUiKXC3WSxr96e9P3Y6JHRv5iOh1u3CRY7y5fYXl-9QYuz-vQY7YDCNF0xdZi8j_DoGaXE68S_0fpsKWJ88iK_8OVt9TmqC8tJGzCuNrBN-2OUko_8zdS1eGVRxw_WsKp9b5Fhl9omrJ9jd2M6P2NVe48HCr_gXqTcKBFpYTAgtTUcUwPkJ47ILtS4SX8mcQ4GZ-vzQrKg0EpIkrxTwpEIBlf2Q0OpTqSnCO-rHF_KH0xrCa1S0rGAw7sQo5XDiUYF9TFcKKaIVHhhKAwlMN6JcgSUMky_-mOfvkMppI0TyVX6El4-o5rhIk80zoSNJJY3L6a_euWKx5JUnzKdOr7h5p_NsmCkti6K49r57XUomO2NEVmvfwFZQw5T_hneG0KNq8C64W-R9S6Q7HMuhhZyq5pd9k7z_Udct7s4WEKdrc08RFyuH1NAgkGik0Xoab-n8kEHbw8Gm-7sMIcsOK6vWMUd8oYcfBPOPr3r3jprxkZUPC9nc1fUBPXGrTbly239yZm2_ZeojdSqPmSJW3FghkqnHA7MISOyAoS87D2cikVug2w6Ftk1ml2_YdITxefVHYewK9dGDnvPUKAe-83Uy0f5yrHm2zQyIJisMa4eu4SQs1xDkgATjDorEFPicMOxbLHzh5ckr2lWbQvH9TFTGfaYTE1N0teEvNoNbBoSh8SEk-mjddC5RgY5WUDA&sai=AMfl-YTwaxffwAfjKahfAUVRUG1U1GCNyvKe6Ns332fNLtKC_Ykq_XRDVIS9fSvZtzQIEuu9kc8gA6iCkh8DrRpbNwv43qai4OQsC6vWy9SuCLKfGbuC0P_YcXc6X5J7ffrxkOdRskPlfbs4qiqh-O_kKO0b32PtwERyqarEMP6HSKXE9VKgBSmrtoAV81i2zrG-q37G1Wp0kDCqBIjl1Mu77A&sig=Cg0ArKJSzMVK72x_IuamEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=317&cbvp=1&cstd=314&cisv=r20220721.47881&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ai.aspx
m.exactag.com/ Frame 8917 		43 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26966436&extCr=162822677&extPm=322983805&gdpr_consent=&gdpr=
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.8 Herrischried, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
So, 24 Jul 2022 01:00:02 GMT
Server
Microsoft-IIS/8.5
Date
Sun, 24 Jul 2022 13:00:01 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B3FB
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPUvUzyAQEcjpzebVdCzoCs&google_cver=1&google_push=AehlK4Dc47GWAJ48z3UQGouYpX0i0dY66lynwZaM-Gx-WUdZlnihA7Wo0R...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dc47GWAJ48z3UQGouYpX0i0dY66lynwZaM-Gx-WUdZlnihA7Wo0RnqfnHuGSaIoBmX1iovG4eTnW7OdUKTOjCG6KyujNAC&google_hm=KxNAbkuTRiAx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dc47GWAJ48z3UQGouYpX0i0dY66lynwZaM-Gx-WUdZlnihA7Wo0RnqfnHuGSaIoBmX1iovG4eTnW7OdUKTOjCG6KyujNAC&google_hm=KxNAbkuTRiAxXU5VyMRLEw
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4Dc47GWAJ48z3UQGouYpX0i0dY66lynwZaM-Gx-WUdZlnihA7Wo0RnqfnHuGSaIoBmX1iovG4eTnW7OdUKTOjCG6KyujNAC&google_hm=KxNAbkuTRiAxXU5VyMRLEw
pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B3FB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED28pUGYI-P3J46o3O-mz70&google_cver=1&google_push=AehlK4DT7oscHNhTLk_No5WEhmMfucEUdIuT0-pjQEOJABtLGZm-OMJvFSPfqfEAY_qnm6LwRCxwsWrCxYPXVhMA...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DT7oscHNhTLk_No5WEhmMfucEUdIuT0-pjQEOJABtLGZm-OMJvFSPfqfEAY_qnm6LwRCxwsWrCxYPXVhMAotOcjvAlypyM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DT7oscHNhTLk_No5WEhmMfucEUdIuT0-pjQEOJABtLGZm-OMJvFSPfqfEAY_qnm6LwRCxwsWrCxYPXVhMAotOcjvAlypyM
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 24 Jul 2022 13:00:03 GMT
Server
MT3 4475 c1dc35a master nrt-pixel-x16 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DT7oscHNhTLk_No5WEhmMfucEUdIuT0-pjQEOJABtLGZm-OMJvFSPfqfEAY_qnm6LwRCxwsWrCxYPXVhMAotOcjvAlypyM
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 24 Jul 2022 13:00:02 GMT
pixel
cm.g.doubleclick.net/ Frame B3FB
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEJoyLD9OftbTojPNA0ef-sc&google_cver=1&google_push=AehlK4BxooffijzoXrWbOo_PibjnCJBl9l9KNs1R8ePesokxzuVvjGf4q4Rvnt4B9iCe-tCohOgbOyaVqrdicfrb...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4BxooffijzoXrWbOo_PibjnCJBl9l9KNs1R8ePesokxzuVvjGf4q4Rvnt4B9iCe-tCohOgbOyaVqrdicfrbczWNSD4z3wah
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4BxooffijzoXrWbOo_PibjnCJBl9l9KNs1R8ePesokxzuVvjGf4q4Rvnt4B9iCe-tCohOgbOyaVqrdicfrbczWNSD4z3wah
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 24 Jul 2022 13:00:02 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=E41Gnf_-SZi4nhmeJOtrNw2&google_push=AehlK4BxooffijzoXrWbOo_PibjnCJBl9l9KNs1R8ePesokxzuVvjGf4q4Rvnt4B9iCe-tCohOgbOyaVqrdicfrbczWNSD4z3wah
x-host
tde-deliveryengine-production-78dd496b74-q9n95
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B3FB 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBUqsKjaaw7wYbMxnpuLqyY&google_cver=1&google_push=AehlK4AIjDk5EAmUp0iCg5Ns9qVLWuHg05CiJP7H2RnD5-zhGz2n2mT3ijrOMaS3QiL_Xj0wkW9gpsE9qJoB6bl73I8gPQX9cFPZ
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B3FB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CnNnRRtVyyHHck-bAQC7niVOFnDE3OH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CnNnRRtVyyHHck-bAQC7niVOFnDE3OHJsn3Zhepc5P0pWCsHQuek4YcDfjUYRWhQQ8im6QSKiZ8q99dYggRrEjsRUN3r-c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41CwbcTsVEKRkjcrbuv3sSHwswWEtFeBg5V%2FdlMpQpMvQB5QYEw%2Fb6KyfP1kpVJYUQfHxOGFdvcTkIujapC17suzrTUQ2T%2FQD6XE4q5HlcICQe0zhd9hqt2ZjLWfK5cA8TIyQfjqqmj7Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPTKF0na6m5nWFH54bN27Vg&google_hm=Yt1CUnMdlz7abwNNqDfBqAAABHcAAAAB&google_nid=index&google_push=AehlK4CnNnRRtVyyHHck-bAQC7niVOFnDE3OHJsn3Zhepc5P0pWCsHQuek4YcDfjUYRWhQQ8im6QSKiZ8q99dYggRrEjsRUN3r-c
cache-control
no-cache
cf-ray
72fcd623f9bf913a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame B3FB
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEKgaKb7uJXdHKUu10gGPzGM&google_cver=1&google_push=AehlK4AzFvciZ2guFEv1wHcjPGZX1trt8-zZblJhF1lTMUzVq4I9WHGjYMlhiSd5QK__sXm1I3Qsg_SobAb_J2SKd...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AzFvciZ2guFEv1wHcjPGZX1trt8-zZblJhF1lTMUzVq4I9WHGjYMlhiSd5QK__sXm1I3Qsg_SobAb_J2SKduAgYneraeiq&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AzFvciZ2guFEv1wHcjPGZX1trt8-zZblJhF1lTMUzVq4I9WHGjYMlhiSd5QK__sXm1I3Qsg_SobAb_J2SKduAgYneraeiq&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 24 Jul 2022 13:00:02 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AehlK4AzFvciZ2guFEv1wHcjPGZX1trt8-zZblJhF1lTMUzVq4I9WHGjYMlhiSd5QK__sXm1I3Qsg_SobAb_J2SKduAgYneraeiq&google_hm=FB3sqGZH-OlxuttHQzWf7xqe
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame B3FB
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.targeting.unrulymedia.com/csync/RX-5ddf9a0b-9fa3-47e7-8ad8-f780c79285db-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CMMm9pf9Y_9c6xvj7HQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CMMm9pf9Y_9c6xvj7HQa06MrtXCJFlvEAPBDjcWRrBjaGv2QokQzXN2viQcwLarDJGJZVE2nA10Szd3CiyqJqVzjWMgxe8&google_hm=A13fmgufo0fnitj3gMeShds
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CMMm9pf9Y_9c6xvj7HQa06MrtXCJFlvEAPBDjcWRrBjaGv2QokQzXN2viQcwLarDJGJZVE2nA10Szd3CiyqJqVzjWMgxe8&google_hm=A13fmgufo0fnitj3gMeShds
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CMMm9pf9Y_9c6xvj7HQa06MrtXCJFlvEAPBDjcWRrBjaGv2QokQzXN2viQcwLarDJGJZVE2nA10Szd3CiyqJqVzjWMgxe8&google_hm=A13fmgufo0fnitj3gMeShds
date
Sun, 24 Jul 2022 13:00:02 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX5ddf9a0b9fa347e78ad8f780c79285db003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame B3FB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHemGJR7MfiKsfNXVKct7UZor_TxWlWYPrK9rIL0wgyqqASEwBmSvHTp0-b1CY-5nUNQXF
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 8917 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=25d48fb0-21a6-4d5f-5226-23cb5f8dc6b1&tv=%7Bc:jhZBcM,pingTime:-3,time:239,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:203%7D,%7Bpiv:0,vs:o,r:l,t:238%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:239,n:238,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:203,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdV3+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C165%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C1a*.925113%7C1a1%7C1a2%7C1a3,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 8917 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=25d48fb0-21a6-4d5f-5226-23cb5f8dc6b1&tv=%7Bc:jhZBcM,pingTime:-6,time:239,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:239,n:238,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:203,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdV3+11%7C12%7C13%7C14%7C15%7C161%7C162%7C163%7C164%7C165%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C1a*.925113%7C1a1%7C1a2%7C1a3,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&tpiLookup=ao:salat.zahav.ru*&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 985B 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 14:41:03 GMT
preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 985B 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16579
x-xss-protection
0
last-modified
Mon, 12 Feb 2018 18:09:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:00:02 GMT
tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 985B 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38407
x-xss-protection
0
last-modified
Wed, 04 Oct 2017 18:33:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:00:02 GMT
de_DE_polite.js
s0.2mdn.net/creatives/assets/2377528/ Frame 985B 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27518
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 13:34:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:03:49 GMT
dt
dt.adsafeprotected.com/ Frame 8917 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=25d48fb0-21a6-4d5f-5226-23cb5f8dc6b1&tv=%7Bc:jhZBe2,pingTime:-2,time:317,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:514,beZ:515,mfA:706,cmA:706,inA:706,inZ:707,prA:707,prZ:714,si:717,poA:717,poZ:725,cmZ:725,mfZ:725,loA:753,loZ:754,ltA:830,ltZ:830,idA:725,idZ:762%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:203%7D,%7Bpiv:0,vs:o,r:l,t:238%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:317,n:238,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:203,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16.925113%7C161%7C162%7C163%7C164%7C165%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C1a*.925113%7C1a1%7C1a2%7C1a3,idMap:1a*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:113,readyFired:true%7D&br=c
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:02 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame A4A2 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:00:02 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame A4A2 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 14:41:03 GMT
RTL_SF_TOPDOG_HPA_300x600.js
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/ Frame A4A2 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.js?1653303357328
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feeb7a791a71ff0e704608b628731b0d103464cf805de0ed057a69ef3c717782
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 23:01:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
568720
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3418
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 23:01:22 GMT
L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
pagead2.googlesyndication.com/bg/ Frame 5168 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/L-abKjcItiHPWDDjMj0PdPxA5VtdVHl4wwoyOAXJbC0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 23:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
48635
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13921
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 23 Jul 2023 23:29:27 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 4971 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:00:02 GMT
300x600.js
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		47 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d93251c9dee8efd8db7b69ccc51c0b6ca0726f38693c369202ebb2459c459e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
336111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8927
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 15:38:11 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 4971 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 14:41:03 GMT
clicktag.js
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/clicktag.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 03:52:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
292064
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
995
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jul 2023 03:52:18 GMT
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame BAC7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame B78E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 8B55 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 14:41:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 14:41:03 GMT
preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8B55 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_1.0.0_55e44727ad1a72cb590cb504b5394b25_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16579
x-xss-protection
0
last-modified
Mon, 12 Feb 2018 18:09:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:00:02 GMT
tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8B55 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38407
x-xss-protection
0
last-modified
Wed, 04 Oct 2017 18:33:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:00:02 GMT
de_DE_polite.js
s0.2mdn.net/creatives/assets/2377528/ Frame 8B55 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:48:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27518
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 13:34:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:03:49 GMT
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame B160 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBjc,pingTime:-10,time:714,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuMTM0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1658667602945%7C%7C146b6dc41dc2db0cc2fe3f435b86ee4a%7C%7Cdf92c9cff360bda3eafa3e94d6152ec7%7C%7Cf94c2b58b80f04dcdc7b768b1ab317d1%7C%7Cc0d5535b5aa799650c1483d7035d5d13%7C%7Cd991fe3400caae298330982e18883748%7C%7C20de8125f2ad40d9f1cd0a366a636980%7C%7Ce70a810ae9b9edb986fdab2e6f62df8f%7C%7C1629390669,im:%7BpWait:150%7D%7D
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame 0C13 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 58CE 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuluN0QH0Q9vDbM6eRel7nPYfXg9eY9iIfPYpQ_KmVD2IibMy_3ALbK01nmuyxiOw8ai9bhN1Xb3H4YROGZ6T7_pRksqnva1M6wc0P6bRn9arQQEiwedqOpLUezlXcaHoycZSGHSxfZdixSSVs-AybhavFyeUieC--hG2icOkvXoYghj98Dz5DviRtg4ceQainLZn37CmftOQ0caf7WvWMLVp7aAgfO0xWsZr3s846lF7JaCNuk8sKOes1Jb8XYTT3DSzDm_bmWRiGF-PmHRrXTbyrxltGnb9---pTPgZ1okvBXHIBUlc5VfAI3eoa6-Ev-whTT3Gt2Xp7mDe5Uo0aWbpkoYxbCi4NRsIvcgZ3RY7f4RGqz5ZS3l-OgwuFm_jhSC9qYd4ixOay8HQQIeljuMrraz82HwdwKitGnd94ZX9dXI9eIx4hEWIDV5I73O3r11To8V6mmpQ0WN6odEA25Trg8fwsB17Jeg5KGQt02IfYwTlaeTTpTenOlotFSSCLgpmRo8dttteNLGAIze_UzttJb4DXqEYpkjbIGv79HUsRcesjX2igQ6rczV3TYND_r4A-rf9J-hDbsIigU_eVtSozFgYnz56xAmNhtI7hrmvmysrSQ1QwMpGKVOAXZQ116d0i-k3V9MCz0lHSYjYK8x_h-ZLpf_mV-Xk--ALStoDJ5zgKL5GrTbucu14Vl5BKpZGfG2_kWF00HPRgInZ16O3T7Zyu3eiS-vYw3ZTaQ8GDUUu6bkp_Qja4kdjGNYP69zbQ62LycYNTwUdmOzX_bNIlVVnRGwE8uQBlQfrIhv7Kxzk3lYYXRjX7TW6TqBC7lpOkenxj-MwxMaGYnDcIkhq4O9oSU_4PijjG9P2hJjkFS3YhVHe-Q5oT1h8yAE6UIiymkTsIj2YMUae84vDsVwv-lz4eLnBo2CTqFM_40qZcVvngoojoqbBIOblM8-K3G00LChWm9zWBuCylh29OVv_oYkE4GCL0H0tUQcHHaQytgNxe1y-aJcxGSdEJrrNQ6zBWPTBN_bjztp6D679UF2R6wixRO10mZw4jnHKiTojJswPPFp5EBD3ASpVoBjzUe7TYldfxJ26sBEk4zlWn5FZsJ9fUpEX2Zx5Ra5lt9ZkKDQpYn4QiPouAY_qCPk4OebRgFbJSBBQkldIdxHKWSRKDq4ccvIm10nUuvkZkhBVEBdvo-T0OZLr_gf9JbGUixQAP7wke0H28GrbeT2yS2hsI3VKSJnNsAjgU&sai=AMfl-YRyfXyU31L_j66sd1ZxrmE79HpGABKVYD3ShR6umT_cuTG5Ckb6Zt3gNk-anquYP795PwZfY5ZUOvwD5ZarDuEwHoCjQlHgeDef1c5PPBK3-KAbnvs13ZmlNxd7o5fcOKb3fRG5L1nelRmjWoATuXPOc9N8lDPtzBeFmhTwtkBx2Qj4VcFat0Y88AK0Q2OKofAFtNzxIzdjLJLiwSnOkQ&sig=Cg0ArKJSzAkX6-wyhsAnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=845&vt=11&dtpt=557&dett=3&cstd=283&cisv=r20220721.35172&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
logo_gross.png
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/ Frame A4A2 		775 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/logo_gross.png?1653303357322
Requested by
Host: 25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d47b5245063e16f813dbf9027334057dba129d0676a31465ec93569ed236802b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 23:01:22 GMT
x-content-type-options
nosniff
age
568721
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
775
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 23:01:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8F72 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_tSmVjVzFpcJKELIdj9DO5WSytB7kpDDqx0k8cJ31P6sg7p34YUGL3Fqi6nShDq_IMGWb1E2z7-0hv-Q2UV2ImPaNUWQ1pGdkR8wHhwMGkocYknxK-uxgQ9hhaWCfADnDlaF0zDrg7EaRUZqJvBo84UQVdH6Nd_M-lcgZ91ptAy3s6JD2vYlQCE0H6zMsjad7b9W65GBTqV9Nf4p3uAFD4dVnlDuZXynZjX_pNgu73-_GD2mIWXfugk3Y8QPFWczoSQwtlNI9W8PlMvmDPEAYccaTrrb-cvg4au2d0NMqs0HJ0LlHlkq0WZ5CHe4fAMb8-3nVA8pOKg-nHdHooglng4QApE9oKPaZdK4FhtQmNaLkjISomz9yb6J4nRtokC5_VGV_Wfz6-C8iJTSesYCRvZ3iUuiYekHA9Cvpi4J7wO7OOA4qTjLY9KTZmGZGAcz85XiBjLCZCHONLV1MHb5Yys0CuokdQywE3othM2fe_y6ogJP1qaPSMd4A5rkMJj1eQEm9y8gLHZLOqWkGYyh6wFYDO8-ArdmywUmUKAN8VfEh0tAgofN5iQHTA_uMyzOH4bR7CrWeszHJucWMSMdrvV3xULMbIgXyspLlo65Zriq-7FVfuaIGhAV8vFAYcLoXqfK3dC8aqmhDzk9hwiL8L9dtbFQcVdbRGERlLCWplcOsQzofA9W_YzFPSEYfxx27OczejkU1904DEiKzzes_Ijv-UQdNrN-f2bG1jRCOtExq4rNEschlRbw3ozF1nHqpMYXCfHut8eIRBUwQIIKLwVGn6W2UmqhLh2toy3ptJ8uZEzM1EsB-C-wFFJ3-fdDTZWhzZyPMjESRX3ylQEjmtqKnNPMgX3s62HHIP-usBwvcaryPCRlNf4n8H8wkvPIBp_ylJrGdYnM7tLahSO3n2YKy_aST0MMZ3g4zRPpXLim5u9t1ohn5Feb9lYiqK7cUM6yqJJOWEdaj7IbDQEWONaECUxbbd_EF8NCnAnx4vTg9xkeqQvjqtuCJkZd6oKt2l4OseioWOr2N6b8iUXthbnQfJp0CJSuy0yD-M5TuziYTZxeFLy0USlMXC_Au7S7mld_mMC_ZcDma6a98fYBECUU_BbLJCQVjqgSbJClNeQfY49Ukkue31kJkQ3LRdizCuz574RaP1QIez0goTXuqlLqQPXsvQaz9GIm7yQAIU0V5sl7v-udJKDZawKjcOz8P&sai=AMfl-YR5Lo_ftBzu9YMCAFKCz9awMaBGLlbFlmibEM7HDLZ_n5pgjbZfMu_bM43C0GFBaOFLyCmn99AB3rFJkEhIxe_I98wN7V8BPvtZw0yd_HJWfljXnXgQvJUNacWoF11OdChVK0M4ZCRP5uOwNMKE-ku0ZetD0QA79KAbvNySTey5HIcQ_3ddMeQcCir1AO1rmVLhilMg7N6PZN20ieXXxw&sig=Cg0ArKJSzHNFz3GOUuNuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=885&vt=11&dtpt=660&dett=3&cstd=222&cisv=r20220721.06375&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 8A3C 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYWR1-5VDppqe5Zcr5zHdDDv9OkMTrJlBrqrYY4bQp2581dHflZOHoAmBqCOOW088iiyQjHMJzUQPY0G5t-UC-0vZrhjMzKPDi4kwhCI9xXSXlYeH99gDxfNdOq43rDugxehATtoM5TdfDgqzKlpNMVHJnYDjw1tO4ERVkk-G8Ow76NA5B0GmgUwKRX4vLnCfwK9xy6ZUQdx4lIvoO86R26WbYancTCBhI1PzqqGp7_INO1Z4zPe87B9K-7WdCFejaEoR0plFDEq78ZB2ku5VWSvoZirWPEf7M3oMlO6FSBcXv6v2z2RPGR8aNnzXBDV-6uqsdnf3zJpNg4q-I2eVvDR6nhUxQGbITHyy4AoleBJcfuUsqhABFEVRKkwm3K5G991SSIVgfi6cNV0v5S7Ii8h9m74j8nSe-QlwEDATM8LEbwOIcMAFvOl_he_AgAogpNtkh98AHCX2agEM_Y4O9cVQiq_YaHcyk31RZw-Q3kQ2dBIkyBPbDdVjIK2AXhNS6p_K_0HXSVQ9DXdnbkPdhdc3eqU1ElULSj8ZDRQ1cR93PSfunqyadVHagJXggFVpZgjRGWk27jdCfcUk532VyUKuLOx2rcZspA2mzpPOoxDqyfPZsNzKUXpM0UDeDcXeSnsMFiCnCE1bPUC1yWJv_QMpmbG9-BHUT7e5q0Vly1FOkugSvr5DXa_CvlrZ6Sb3Yh-dQFSZPyr_hvkDgy2-zSztP-Kj4sHiy8z2T1fErvs0qNtIeW7xBuWzW88LRIhScGuPZljVxQXAMnAvdtEiCdKjTEDagDIAgfn_K6K00EAWp84Y048MLkrzvIyjatHWZxvBFKKmqoDHkVvMlvpCO9F8zKPFYRX934qdQ52QI-X0BbPAaZ7iaKxSRIL7MQ3b6Cn1p62fTY4KhUd1EFgtfYVWKKhyJt4Qtq3BHRadzc1GwcN-ivjcDkKApYZfK2pGqKXwnTmMFRPkBkGh8yiFXPS-ewv9i2XzQoMsLOtchrH1wIzkXGhjQOV2DXAEyB54aTkCUM7evC4VvqUIjUtU6BZhTgv-JdeAHjrABHvB1EGKm_hCPhh9rc0vCj7LwdgRCrF6Ruhsuucfsiea9X3-aT0Hw1lIdQ5cKI9pIrmG7FQGuA7X6y4AyPJo5LvQh1-fU0qyZx85-GtlwqtjL_MP6BaX62Efq2UaYTqrDIqmy3J7jLC2SlPPXuIX1_7-KpxYt&sai=AMfl-YT2vDhfg8rFgDecJgXzDmpVJRRVuT62QUoxPJCCIKo6PRk9zZ5K-cNoTP4UAfOXDVI0IuyyDf6Iyis3NU68_tsZL_gjvUc5ouddfvR9vukRg-1O1Qbogtfkd02SEjc587YCdmZzv-AyCuBXOpWGH9jtxCi89gwz039L0tnX6KVM9Kx9vNvhgDnOjnHtO9Wngl_kqtsxdO4Btqgnwy1tBg&sig=Cg0ArKJSzO66w6bizmPQEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=949&vt=11&dtpt=604&dett=3&cstd=342&cisv=r20220721.77996&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 985B 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c43e4fe528c3b9421c0f7283bd7cc0d4771ec956de84369c1134dc6b0da9a5ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5621
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8917 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssHOW5_3NbrVzlTnX3297xk6ApdQ5zc_It8SK_h6fhEDRnan464mMqFTHY7oVCjDwzQz9y8KZODqs4WKMQhXw4hBUyQ3O0xbqYOXJet3z0_x_SQe3ypuQrZdIC4Sz5yU_VPFp4lejsA6gu0fKdTCYsb7VEec8nZfAd2VVMGOw72n4-qV6ByPMpdshtHXAatMux35YGyxsiuQS7wWotoHXvJiLWbWqYge8vLPOhM2yql1MEBIZ5aqMZqFyj9eg4Gv2f8kvUwLnQ5e7BuRxTPlqFFKegec5Y6bKR2JCev9K8r2Nq1SYXmy5d5aVX_MKNB8cgUIZeOrLJGj_xXqYTviMcoiT7mj7Lotp43MbcnkXgXRjCQzoB9iUmXeBgvXV2KqXZmShrRFcONVe8mcRD4vZgonlPJ1L-rhC9DM1hqFza5j4pAZctSGhhUs-dZgp9weHq_os_ftxoxewgJ3TUAtsvTzQ4HAeri5zVRvSysmTl1ckb-HK-FXxAqwJFvIBwfMmUO4vQnNfTZ6spwktvabcKvgNUP51eIu5a91ajl3fbVG9jDTqdMtUiKXC3WSxr96e9P3Y6JHRv5iOh1u3CRY7y5fYXl-9QYuz-vQY7YDCNF0xdZi8j_DoGaXE68S_0fpsKWJ88iK_8OVt9TmqC8tJGzCuNrBN-2OUko_8zdS1eGVRxw_WsKp9b5Fhl9omrJ9jd2M6P2NVe48HCr_gXqTcKBFpYTAgtTUcUwPkJ47ILtS4SX8mcQ4GZ-vzQrKg0EpIkrxTwpEIBlf2Q0OpTqSnCO-rHF_KH0xrCa1S0rGAw7sQo5XDiUYF9TFcKKaIVHhhKAwlMN6JcgSUMky_-mOfvkMppI0TyVX6El4-o5rhIk80zoSNJJY3L6a_euWKx5JUnzKdOr7h5p_NsmCkti6K49r57XUomO2NEVmvfwFZQw5T_hneG0KNq8C64W-R9S6Q7HMuhhZyq5pd9k7z_Udct7s4WEKdrc08RFyuH1NAgkGik0Xoab-n8kEHbw8Gm-7sMIcsOK6vWMUd8oYcfBPOPr3r3jprxkZUPC9nc1fUBPXGrTbly239yZm2_ZeojdSqPmSJW3FghkqnHA7MISOyAoS87D2cikVug2w6Ftk1ml2_YdITxefVHYewK9dGDnvPUKAe-83Uy0f5yrHm2zQyIJisMa4eu4SQs1xDkgATjDorEFPicMOxbLHzh5ckr2lWbQvH9TFTGfaYTE1N0teEvNoNbBoSh8SEk-mjddC5RgY5WUDA&sai=AMfl-YTwaxffwAfjKahfAUVRUG1U1GCNyvKe6Ns332fNLtKC_Ykq_XRDVIS9fSvZtzQIEuu9kc8gA6iCkh8DrRpbNwv43qai4OQsC6vWy9SuCLKfGbuC0P_YcXc6X5J7ffrxkOdRskPlfbs4qiqh-O_kKO0b32PtwERyqarEMP6HSKXE9VKgBSmrtoAV81i2zrG-q37G1Wp0kDCqBIjl1Mu77A&sig=Cg0ArKJSzMVK72x_IuamEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=916&vt=11&dtpt=599&dett=3&cstd=314&cisv=r20220721.47881&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000823/module/ 		503 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000823/module/singleAnimationOnFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
90e3bc6ed5a172be081c1c9134dda1cd38751c7f16fa45b512820c69a4c9cb38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Sun, 24 Jul 2022 05:14:07 GMT
server
AkamaiNetStorage
etag
"4ec689ac92b6caeb2231c194850b2baf:1658643335.350668"
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
503
expires
Sun, 24 Jul 2022 17:00:03 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ce59b45981653fc6deb5cff7767afa38_73087_1658667602367&tm=2145&eT=0&widgetWidth=300&widgetHeight=291&widgetX=985&widgetY=2277&wRV=2000823&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1289&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
X-TraceId
e3271e10f38cf7f0f1494a8224585550
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=84db4167a106fb46506386e5415e2024_73087_1658667602549&tm=2152&eT=0&widgetWidth=300&widgetHeight=291&widgetX=985&widgetY=2567&wRV=2000823&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1289&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
X-TraceId
ec803a558bc42c9180d7d2c8be0a0a69
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=c9a7c54636dde0eda5c8feb41c06dd90_73087_1658667602726&tm=2153&eT=0&widgetWidth=300&widgetHeight=291&widgetX=985&widgetY=2858&wRV=2000823&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1289&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
X-TraceId
efa02e47c3d16dec78ec88f1aba62d61
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
l
mcdp-nydc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=3288bd0d4de16c6e2008736e69a75dc8_73087_1658667602906&tm=2153&eT=0&widgetWidth=300&widgetHeight=291&widgetX=985&widgetY=3149&wRV=2000823&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1289&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
X-TraceId
0ce4c9f21fd1ae1eb3f0483e46162c2a
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
eyJpdSI6IjYwOTNlNzY5MmI1NDRmMDZhNzZmY2ZkZDZiNGJlNGYyY2YwNzdiNzEwOWY3ODMzMTBkOGZhY2M0YThiY2MzZDkiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjYwOTNlNzY5MmI1NDRmMDZhNzZmY2ZkZDZiNGJlNGYyY2YwNzdiNzEwOWY3ODMzMTBkOGZhY2M0YThiY2MzZDkiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5dd6d82d98b2306b1c86bfd9722f3f8b5525edc75c7965b7dbdd2bab2c74bdae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Wed, 25 May 2022 10:14:46 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=452437
access-control-allow-credentials
false
x-traceid
664752f25a9b183e64ead1cdee3cf408
timing-allow-origin
*, *
content-length
7960
eyJpdSI6Ijg3ZGVjOWVjM2RmNzczMzAyNTQ3ZmQ4MTI3MzY1Y2Y3NWI1NDY2MTZhOGU5MWYzNDhhNjlmMTRjYTc5Zjg3ZjQiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg3ZGVjOWVjM2RmNzczMzAyNTQ3ZmQ4MTI3MzY1Y2Y3NWI1NDY2MTZhOGU5MWYzNDhhNjlmMTRjYTc5Zjg3ZjQiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
55e5c1ca0926172cd8d958e20aceb765910d0b452f89c3ff053fc786b7aa864c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Wed, 29 Jun 2022 14:14:42 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=306969
access-control-allow-credentials
false
x-traceid
dbf1eeab61410a6547789862fe01a6f0
timing-allow-origin
*, *
content-length
5972
eyJpdSI6IjJjNzFhYzc2NzRjYWMyZjE5NjdiY2RiMmUwYmE0YWQzZDM4NzFiMWYzNTc5MmFhNzA0NWMzZGU2MjZjZmE2M2IiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJjNzFhYzc2NzRjYWMyZjE5NjdiY2RiMmUwYmE0YWQzZDM4NzFiMWYzNTc5MmFhNzA0NWMzZGU2MjZjZmE2M2IiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b4fa6a0fa39bef38595f2e114d87033f13096b599a2ccbba9800a19b45311bbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Tue, 12 Jul 2022 04:15:52 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1394317
access-control-allow-credentials
false
x-traceid
f11737c2bb48c80512490468d4cd620e
timing-allow-origin
*, *
content-length
5198
eyJpdSI6IjRhMDg5ZGViYTgyZDc1MjJhOGY0MzExOWQ3MDI5YmFlYTdhNjNlODFjOGE3NjRlNjYzNmI3ZDgyMDdiMWY1NzQiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjRhMDg5ZGViYTgyZDc1MjJhOGY0MzExOWQ3MDI5YmFlYTdhNjNlODFjOGE3NjRlNjYzNmI3ZDgyMDdiMWY1NzQiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d592c87184fd9953afc6fce5e6ade6e09d6831e3644951cd44e03f7fef164b85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Thu, 16 Jun 2022 10:51:50 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=213018
access-control-allow-credentials
false
x-traceid
00044dd5202b9ca7bb0ee8da0be203b7
timing-allow-origin
*, *
content-length
5836
eyJpdSI6Ijc4NzM0MjkzZGM0Mzg3ODAwNDNlMTc4MmExYjEzYzBhZDRmMjgwMmY2YjA4Y2YyNmQxYWNjYjM2MGNkZTQ0NmIiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijc4NzM0MjkzZGM0Mzg3ODAwNDNlMTc4MmExYjEzYzBhZDRmMjgwMmY2YjA4Y2YyNmQxYWNjYjM2MGNkZTQ0NmIiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c7ebbcd4e2fcd7051ea17c4a7ad41529f2c5053cb42179a50a3aacd02249e20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Wed, 02 Mar 2022 10:04:33 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1460888
access-control-allow-credentials
false
x-traceid
3353a18aca8164b7e36a3c7423af5f36
timing-allow-origin
*, *
content-length
5220
eyJpdSI6ImI4MTJhYTUyNzMwMGYzMzdiYzExMTI2ODdkZDdkZWE3NTRmZjdhMzBiOWVjYWQzMGRlNzUwNGI0MmYxN2E4MTMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI4MTJhYTUyNzMwMGYzMzdiYzExMTI2ODdkZDdkZWE3NTRmZjdhMzBiOWVjYWQzMGRlNzUwNGI0MmYxN2E4MTMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d5cb8f53fe4a979a223d4c02094bd9d8c736fdcc00396abbf9422f7bc4f53c82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Tue, 12 Jul 2022 16:23:45 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1437923
access-control-allow-credentials
false
x-traceid
58d923701c1304bb54920574feea8584
timing-allow-origin
*, *
content-length
6174
eyJpdSI6ImI5OGVmM2Q1MjlhMjViOThjMzI3MmZiMDFkMjM1OGRiMDA5ZDI4OWI0YmU5MzIxNzNiNDI4MGNjY2E1MTY3NzYiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI5OGVmM2Q1MjlhMjViOThjMzI3MmZiMDFkMjM1OGRiMDA5ZDI4OWI0YmU5MzIxNzNiNDI4MGNjY2E1MTY3NzYiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6465e575b87cc0e13f3cf2751f204587eeb85bddffe875a290c37af89788012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Sun, 26 Jun 2022 06:44:56 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2237094
access-control-allow-credentials
false
x-traceid
0d5c90514b7e48d369e7a2ec7e82addc
timing-allow-origin
*, *
content-length
4126
eyJpdSI6IjVjZGI4MmNmMWFkNDc2NzkxZmJiYjY5M2U2ZTliNmJhYzhkYjE2MmZmNzY5OThiNGNhYjQ2ZDk3ZTYzOWI3NzYiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVjZGI4MmNmMWFkNDc2NzkxZmJiYjY5M2U2ZTliNmJhYzhkYjE2MmZmNzY5OThiNGNhYjQ2ZDk3ZTYzOWI3NzYiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3c41a36dd76b44cc3920801530ab906e07ecbf50ab5e51512c116033fdf66269

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Mon, 31 Jan 2022 13:44:55 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1576847
access-control-allow-credentials
false
x-traceid
cf4baaaab58747dd3694b1d3025706fc
timing-allow-origin
*, *
content-length
7140
eyJpdSI6ImY2OWZmMWM0NDBlODE0Y2RmZDcwYjM0ZGE1NjFmZmY5YWVlODFkMjM2YTYxZWIzMmQ1ODY1YTgwYzhlYjI0MDEiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImY2OWZmMWM0NDBlODE0Y2RmZDcwYjM0ZGE1NjFmZmY5YWVlODFkMjM2YTYxZWIzMmQ1ODY1YTgwYzhlYjI0MDEiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
786e039e5d67e37cd528fcc1119effeb108df4eb860a06d92748306aef4d73fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Fri, 22 Jul 2022 11:43:37 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2427981
access-control-allow-credentials
false
x-traceid
7ffa22cc2beb269561af419ed67457f8
timing-allow-origin
*, *
content-length
12782
eyJpdSI6ImFmYmY5ZDk0NTA3NDU2NDk5YTM4ZTI0NmE0MTU5NTM1NGRjNTAzMDg3YmYyYmRmNWMxYzkwNzU5NGMxZDcyNmQiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFmYmY5ZDk0NTA3NDU2NDk5YTM4ZTI0NmE0MTU5NTM1NGRjNTAzMDg3YmYyYmRmNWMxYzkwNzU5NGMxZDcyNmQiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
42726af88425787c6df6808aeab623df3e44047bfb32912ecf28dd315ae74f09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Sat, 16 Jul 2022 08:14:44 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1754103
access-control-allow-credentials
false
x-traceid
63b0d4a9f8dc8a86f19c594adfe7cc58
timing-allow-origin
*, *
content-length
4082
eyJpdSI6IjgxMWQ2NjI4NGQ2N2M1ZDY2ZGU5YTNlNDdhMjBlYzFkZWNjYmZiMGRjM2NiYTY5OWY3NGUxY2I3MWZlMGRkZGIiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjgxMWQ2NjI4NGQ2N2M1ZDY2ZGU5YTNlNDdhMjBlYzFkZWNjYmZiMGRjM2NiYTY5OWY3NGUxY2I3MWZlMGRkZGIiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
23bdce6e7aa2382b9856180813706f01431569c4a9eba6ba22a40eb672b76c94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Tue, 19 Jul 2022 09:33:37 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2298641
access-control-allow-credentials
false
x-traceid
8cddb9a3b28c28da6ea584ed77c374fc
timing-allow-origin
*, *
content-length
4410
eyJpdSI6ImM4NWE5Nzk3ZWNiZTE1NmQ5MjQxYWQ0ZGJhNTY4MTdlMzQwNjJjNjYzYTUyMjZhMmRjYmFkY2QzNmU5NGVjYjAiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM4NWE5Nzk3ZWNiZTE1NmQ5MjQxYWQ0ZGJhNTY4MTdlMzQwNjJjNjYzYTUyMjZhMmRjYmFkY2QzNmU5NGVjYjAiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5e4008f4ee1ae18c45c4a2e591f1cbedfa574cd8183d4dd9532e0d57670456cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Thu, 14 Jul 2022 04:55:23 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1569663
access-control-allow-credentials
false
x-traceid
e92bf80d8f31b7ad56dd7060fb48dbdc
timing-allow-origin
*, *
content-length
6692
eyJpdSI6IjUzOGMzMTg0ZjUyMDk4YTcyNjlkZTAxNzIxMWEwZjIxYjA3ZjBkMmIwMGFkYmQ0ZDQzMjM2OTcyZjZjNmE5MTMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjUzOGMzMTg0ZjUyMDk4YTcyNjlkZTAxNzIxMWEwZjIxYjA3ZjBkMmIwMGFkYmQ0ZDQzMjM2OTcyZjZjNmE5MTMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
98a56ebbfe93676bb6349958afd6fc5a5c71d428b2090ce3963859a1f1193b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Sun, 17 Jul 2022 16:11:48 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2256325
access-control-allow-credentials
false
x-traceid
1442e570e8081d32d54c90be40ff0c05
timing-allow-origin
*, *
content-length
6716
eyJpdSI6IjUwNGI1NWJkYWY4Nzk1YzFkOTkyMTM2YmQ4MmE5OGE5YTMwNmIxMTg0MDU5NzZlZGRiYjEzNmM5YTYwNjIyMTMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjUwNGI1NWJkYWY4Nzk1YzFkOTkyMTM2YmQ4MmE5OGE5YTMwNmIxMTg0MDU5NzZlZGRiYjEzNmM5YTYwNjIyMTMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2bd7efe2d385b55193c9408104767487c89a960d5f8fcb0263a6e9cc4763eb06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Mon, 04 Jul 2022 08:24:33 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=718046
access-control-allow-credentials
false
x-traceid
098e92ebb3154d645bd50396023741b9
timing-allow-origin
*, *
content-length
4066
eyJpdSI6ImQ4ZGEyZDcwNTY1MGRlYzAzMWFlNTNiNjI5YzE3ZjMwZDRjZWViOWE5OTcyMzIzNjNhOTJjM2ZlYjFhOGVjOGMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ4ZGEyZDcwNTY1MGRlYzAzMWFlNTNiNjI5YzE3ZjMwZDRjZWViOWE5OTcyMzIzNjNhOTJjM2ZlYjFhOGVjOGMiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8e7c73455a3092bb70bbdd2e99bb15aa34a44da5dbdddaf932e1197d17ea0db7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Thu, 23 Jun 2022 15:58:40 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2011059
access-control-allow-credentials
false
x-traceid
a22beb927bb7ff62daec58c077b4c13c
timing-allow-origin
*, *
content-length
7620
eyJpdSI6IjM2NTIxZjQxOWVhM2JjYWVmMTU1YjQ4ZmQzMGNlYjk4ODIyMTM3Y2ZjYTgwZGUzZWFmNmRlY2NhNzk0YmIxOTgiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM2NTIxZjQxOWVhM2JjYWVmMTU1YjQ4ZmQzMGNlYjk4ODIyMTM3Y2ZjYTgwZGUzZWFmNmRlY2NhNzk0YmIxOTgiLCJ3IjoxMjAsImgiOjc0LCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.201.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-201-170.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
af41628212503c246148904d2e76d573f19fc550cf7f4cc97ca8e003bcf23ef6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
last-modified
Tue, 19 Jul 2022 08:27:52 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2321936
access-control-allow-credentials
false
x-traceid
74d0f55e48c269d884f6c67c3aa4bbe1
timing-allow-origin
*, *
content-length
5974
logo_klein.png
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/ Frame A4A2 		658 B
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/logo_klein.png?1653303357322
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
838c330520b20c02cd611bc21cfe143ee07ed5df8a25d50be9b1c6c559be2053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 23:01:23 GMT
x-content-type-options
nosniff
age
568720
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
658
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 23:01:23 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4A2 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6b10140afb74574fc4650a28a7a662b6a2ca7a24fa11207898a5836baf6f14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5916
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 985B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4971 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7d159484068d41014e7979c58712a67963443c46f24c58db30418956d6bf2e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5665
x-xss-protection
0
bg_img.jpg
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/bg_img.jpg?1652768359896
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b584cbfbc86b9d2f78d44b342945b046a53c34d2a1e976b3a9db7217e564536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 16:05:17 GMT
x-content-type-options
nosniff
age
334486
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53321
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 16:05:17 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8B55 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f90d7eb38129dcb951882e87003277209e1c97adf53cc365ff43b83c8aad9d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5761
x-xss-protection
0
300x250_NH_D_WD_Affinity-Music-Piano.jpg
s0.2mdn.net/creatives/assets/2373736/ Frame 8B55 		17 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2373736/300x250_NH_D_WD_Affinity-Music-Piano.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ebfd4fb0595bd1cc9d26dc3a82977966b708a6dd4287b9fb9f7a383704d9cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:59:22 GMT
x-content-type-options
nosniff
age
41
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16975
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 16:00:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:14:22 GMT
970x250_NH_D_WD_Affinity-Music-Piano.jpg
s0.2mdn.net/creatives/assets/2373736/ Frame 985B 		45 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2373736/970x250_NH_D_WD_Affinity-Music-Piano.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78904a47430206f2168510cae6370486a90ef7db834c8a533c9b6e6277d9a64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:58:29 GMT
x-content-type-options
nosniff
age
94
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46347
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 15:17:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:13:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 58CE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4wNPv94IHZ8qW9_k7pzlUZZnGqEIdJX_4PXd3Km92ZPaQE8mhJEtRfzoQcyr7Cqt9v8hF393943gRqFeHpFWjjVXaEH2lW5UgHe7_Pbqs9n4y48SwvEiPBXBV_0uJPE6kNxXE7GNJ1wYr&sai=AMfl-YScyQJcsK2DM0cQK6jXZxrVLKhsq0yHGzpOxeK3QSBV-yRtN-Bkopa2DpGulo3PM2x3rXcFOmYK8BwNTQckqj8jU45oPr_zKolbnQAvcWRcRYFgJl2y1KfWJxw&sig=Cg0ArKJSzDvBGEB0pjyGEAE&cid=CAASJORoUtEuIJr7LVukyQzI8ZbaTpmfN_CpKF1FYJ7UdjsttS5Yxw&id=lidar2&mcvt=1034&p=15,315,265,1285&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3393772807&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658667601729&rpt=515&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4A2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:03 GMT
logo_picto.png
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/ Frame A4A2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/logo_picto.png?1653303357322
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89bdf16061e7d6993f28e5afa3e77d2ab609272631a3c3f55ecace8191dce4b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 08:45:45 GMT
x-content-type-options
nosniff
age
360858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1937
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 08:45:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4971 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8B55 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:03 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad3a176bf19eed7e5145489ea6723082d5602f0bc81eb1d800c7345fd547081a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10798
x-xss-protection
0
logo_sendung.png
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/logo_sendung.png?1652768359896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68727564309c61973bca34183a0dc1d4d6f2a29b0e94ce0b4fd856ad03a1ed4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:38:12 GMT
x-content-type-options
nosniff
age
336111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16767
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 15:38:12 GMT
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame A434 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
572554a8-ac90-40e8-8889-9a046536b519
https://s0.2mdn.net/ Frame 8B55 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://s0.2mdn.net/572554a8-ac90-40e8-8889-9a046536b519
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ebfd4fb0595bd1cc9d26dc3a82977966b708a6dd4287b9fb9f7a383704d9cce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
16975
Content-Type
image/jpeg
1d458b00-ca6d-49fa-86d9-0bec3f686d5a
https://s0.2mdn.net/ Frame 985B 		45 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
blob:https://s0.2mdn.net/1d458b00-ca6d-49fa-86d9-0bec3f686d5a
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78904a47430206f2168510cae6370486a90ef7db834c8a533c9b6e6277d9a64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length
46347
Content-Type
image/jpeg
activeview
pagead2.googlesyndication.com/pcs/ Frame 8917 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusFSrhquXHCFrxAsM3bgKYYMMkQVLCGF0tijtCwV_qc_-nLgcw_kDBSQSYZNwZG46JGwdMS1DQMDFzcgcVpxkMNvAB-X400PbtaBgVaTM8g4c-fT3GD73WRewB_qF0N4CXMIq77X8iB2Cx&sai=AMfl-YSeYRAB_vZCq_YOJSOMNjOTjdod9erKGIx_MT_5h3IBUHG7pilA_h246CWpISNsj43d-mxktjdJCc5tjHow6GNCdiAOSzBXTWxXIDbPlpHkfOoSOQvwTM-Sy30&sig=Cg0ArKJSzED74grtSYwfEAE&cid=CAASJORoG4qEGwZKmf3wFwjVoP2-BNybZIMLGEnVnKwwPiNKi7n4Ug&id=lidar2&mcvt=1036&p=329,986,579,1286&mtos=0,1036,1036,1036,1036&tos=0,1036,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=1530192467&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658667601795&rpt=540&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:03 GMT
logo_topdogs.png
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/ Frame A4A2 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/logo_topdogs.png?1653303357322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6cc561aee2db838bb493c64b9d1d66efbb56806d7ce9aa43c6d1603ca99f02d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 21 Jul 2022 03:22:09 GMT
x-content-type-options
nosniff
age
293874
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4595
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 21 Jul 2023 03:22:09 GMT
rose_01.png
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/rose_01.png?1652768359896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9df6eeb6712aed2f872ba26de78f1b8e829f45eb33526f6d1d272414f48b70fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:38:12 GMT
x-content-type-options
nosniff
age
336111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 15:38:12 GMT
de_DE_imageanimation_NH_D_WD_Affinity-Music-Piano_300x250.js
s0.2mdn.net/creatives/assets/2987685/ Frame 8B55 		40 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_NH_D_WD_Affinity-Music-Piano_300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7fb777f4c0717a6398647b9e78a227d87fb552c47691c358f38b6af4c9bae5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:58:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23739
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 06:43:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:13:14 GMT
de_DE_imageanimation_NH_D_WD_Affinity-Music-Piano_970x250.js
s0.2mdn.net/creatives/assets/2987685/ Frame 985B 		41 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/2987685/de_DE_imageanimation_NH_D_WD_Affinity-Music-Piano_970x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ded0c11f04f5ab6678e0f8bfb4257f642be20685d63516c654e1541d74c1d8a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23751
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 06:44:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:13:31 GMT
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame A8F7 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame 2301 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame 2EA3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BAC7 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BT44CUULdYvarPKq6x_AP9fuK4AgAAAAAOAHgBAI&bg=!MDOlM3fNAAacadVKvGk7ACkAdvg8WmrClsnth8ei2on2Wr2Ugn5MOTIO4ea-QS-KEjZ6iU6-bh5f2wIAAAGrUgAAAAJoAQcKAJDNjdGibkN_4dsbX4lUl-iuCjHg2wM3Digbgpnu5zhdAiNTwZPWBdkZ3T2Tiakqk5D-Shvd8JKySDBw_n4xBnDKmasD-UwwK2pe5E6H7YCjXT2Wsci3RPavp35-826h177NV5q0wz7YQPt1g7ETf9fUfwPVBlALD3hQVJYgfTdtQxtAcnGZEORF_nA1wSLBTziZAunb8W4RM0pc5xUzexvGZKnxK-e17I7wAa1Cpv6-ResLhI_x7wjqjneifftjwYZiyWQdBy6NwhLPzG4RfqKLF6foGr7SNBoO4YMoVbKe5StwGfvoa27inii55OaZq0ylCqTLUo8HZCa4xpHgVmu_SabfmNC8xtGa8mBdkxR7EJhS-WJB-9pD0h5cLBRVR_0gwKtZB12R1Cv4KvQIBpA61hfIB-LkoH6lX_EamCJT0DrY5gJK0bj0_euT_YuFKNdSKacvbbE2w-n02IPqWIXzztK5a4XhprVYrI16Ry4SaMEp-oI98vSwcVmZNT-8XDSycUEFgK4Al9hao2oXgs5niib2bOwVVH9MuPoMr8TCXvlftNwTA8PWNoRLeDGTbMzMOPA10a1117VJzZE6_5ugySfPpRYbGN409ppOzf63RKVL2zlETx43Z846xoIINnLdfeFZ3S6CB8fl8JXoEZMIHUJOPGB8MSo-O3d1BtlVW7Oy3KXF46SnSXoTZbEz0vYHbGHzbGiJQd1LUVs36PH3wIw-81Xo3A6eCnYbXTb2JuenK9C5_j5RC1Me5vmoIaC6API-c9JWSRnkac5cKXdwqpMPYEPTKgD5r44glpqkxq-rSz4ywsJmfwp00AokCydl8g-w0JrFTTLJZ6joPeDbVKArGJKlGcNVe_0VJ85AtNOsDJ4AcPpfeSz0kBfxvuI0e9FxEf-dFAjCcVyuCcm2mnZJz3So6h3jf8j8LOAdoy8qzxPjXN8OyefhCCfSSTypC7QB-Vn0KDE6Oz__7HcoyWKLGsACUbgP73h6ggf6bbMoBGbjsIOKM6G1Qzz5YYc1KBjPvLZm8dNkGu0nxt4qPoBh8SZp368fzhL3LPiMQvSwme_6N8snP-O9vsivD5oj5hpORxtUb70h72q54Jceg-RyQQUWX1Hn97TAfAvdDRIqvsEIK2v1zxRsakCyDU6xxri5tvCwicpgAJZwz4IeS4QKhp84gh1PMU_y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B78E 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bmp2bUkLdYpj0AbW7x_APy66FmAkAAAAAOAHgBAI&bg=!DwylDEjNAAacadVKvGk7ACkAdvg8WmGQwdlNF1FTzSnW7fRupCdX5RJT1ijBGXcJwbsZQQC5KjfBfAIAAAGEUgAAAAJoAQeZAvH7SltA0-Mm6-n2Oau9vNMobdyznEyoiPxySHkCJMxpvOxrHpAx9k66pzfby3UndpG-oUytQPxfDANim8GsGqE3fW93lW-AoH3isi5iJI1pXeK3avFGE0BDx6H4VbJeYKbGlbNjnqve8kqRXl25ut8shQUADeqxeaNqGXEO-XUfjvV4naTGyew0zMVC1PdKwvK8XVUTsU-jd2I9ap-HyHxzhZ-Q1Vzwl2CQcDkzYg3bRLk5iiL8rbcgcah_JKUYM5nR35MIt6YXFoDDSuTPIoLR6wyaJJeEsBxvFzNDiwuoO5i1fIgWcY0k1Xbbdnz8xoKAnvTev9lVBbCyMdWcapj5Kc483c6VmhhJKsocMzRAjdJcY1JHjFEq1NnoSkhK7BqXCG0Ts2oe6-PErtXUDI6C_of7q6EspBoixJpNR2m0XugTgQ3pPitOst-MNRZygT9PlA0DcJX6XzE3lIOtX6m9rDGnpiyU57Ce16yqs2b37mB3TskLHAtYUsRS9bDuJVnCiB3sHOJQiHgnBZtXs88DxlM3_T09IbSK5Cg0qYzuIxUfHynHokF_6kuu-YbvJXC95HgjczEZvtjVn_O-I3SvbE6dYHUdkwESbSAWPKTfKwZ4BosEv6eMIBHNRbdhYMbHlI5CeCbz8-FUII1NdQvj4ethvMsmuFWAwWYDH1JlZsNCdrV_2e0bxwMGQr4iiFgmjI_TMS4qjOpClIt8tIDfDRjWmsMMqrz5juc9DGZKyi4XPrgUP6GYq8MDHR-Yq6viokkyf3N1u8eE5rMZAo4WoVK7qNsZkFnR7ck-RzPvmtfmAsfx1p4kbTVCDXG2yJmNkslYW30hZ7YSY7IvpUA7T_d5YjXZBZpa_prZ-wMiVByVkleayW-LaCvQjrhQE24wAhdqgjhtpLeRdUs08nfn-DkY0g5vWyRm42QTXQjpoQbsgIWNkgpZhIZQTvCdPgzj1s02UOxhCZOwISYHdg6X_duo06KZGP9jMJo8q5KfcgM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js-animation_de_DE_imageanimation.js
s0.2mdn.net/creatives/assets/3389262/ Frame 8B55 		66 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8756305257970053338/index.html?e=69&leftOffset=0&topOffset=0&c=vrB3kf28P1&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:48:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18063
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 17:53:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:03:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8F72 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8nlnMjdqdV9GaWv22EHmTsJ0K9F1OeX2qDzJ36cl7bQsk5BhTyi5Bckl1c_F8BcewK4cSxeDgGqm1GRCbnaK7avJvw9ldsEmOprEsjaDHnfwvJ9AlnLoXyrwGI-Itlcs&sai=AMfl-YR__BalgUFmklzatck5gJdxbNAEBsQnbT3NVzmHZxwhmFGCFxkDPHTRP7v_1EVUigDnno2moe5jVs34LyEkWWYPZb_3UxLdlBV09tTg7rOpKRBJGNK_1z-3nwU&sig=Cg0ArKJSzNwp8pN9zTzBEAE&cid=CAASJORooL20KWb-glEFRqQdmHAwrbw1EEgCjynaXW77Zq4S5Sb5cQ&id=lidar2&mcvt=1032&p=1,260,41,301&mtos=1032,1032,1032,1032,1032&tos=1032,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=232922705&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658667601785&rpt=512&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js-animation_de_DE_imageanimation.js
s0.2mdn.net/creatives/assets/3389262/ Frame 985B 		66 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/3389262/js-animation_de_DE_imageanimation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/2377528/de_DE_polite.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/4889160532300580337/index.html?e=69&leftOffset=0&topOffset=0&c=YsCf3hGPVo&t=1&renderingType=2&ev=01_247
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:48:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
672
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18063
x-xss-protection
0
last-modified
Tue, 15 Mar 2022 17:53:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Jul 2022 13:03:51 GMT
truncated
/ Frame 985B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame 8B55 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame B160 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQhEHUkLdYof4Acn87_UP2oy7uAkAAAAAOAHgBAI&bg=!MjGlMXXNAAacadVKvGk7ACkAdvg8WpUm_Ex60o-qX5YNtd_5mXWvpsuFYC7a3I1BCvYEsNogqstw-gIAAAE1UgAAAAJoAQeZAuj02URmV9-m0T1cYNiYDO7DoTi9p0weJTovi2jM0VGM1azKNxTUehT0ymbU_ZzSkrjy0n9V2eVgPZzYUu4d5c4kTt3GCpbYC05iT_hYP-p34lWyQhZQhLwKCqXrs5WXUAMUterfNg8T3BfmfAbI7RL-xKqyNFQNYs9-BHAEN22fdKTYiAtkU2GT4eZR9C6Sa87bhLdZebFd8WZgU5eirlQDTkH6i8Ks1fjST1rxTVNxcHroG5ySl3lxzxDG0eIWPT-DYVWk9EiJuU89V4k8gc6DMzkQSIBnGsymlkp0cTRkLuYPoxdyjGPacw9XCsfy94YEyNSK5xuzz_pQxYzX0RZzicz-OK8JoaVcKzvnbZaA-xEyKynmNF5MVQ_FD7L6wc4aFmuS8wnCtTOKpLeruYKSv5W0KMay6pYvMP0nhRiCyi9I6hfL-aej7d4wNMM7svq8L5TiAykpVRkY2wEk3Ap_FTG0Vgw1yc7SGnH9mXawfT3bqKtGi0OSv3Rgp3VpMKap1R-zmqzKWwXHmZGpLvhOQY51Y3pg5O8F3oqpDGFVtaH-1XmW9oc5EQuPr1VuOToiGxjjB2tRVRsbhpaLgl8R3fbDUhcplqRfFvdYkXWd7b5EPNwQt2ubQzH3dZO1zIBCAWUz57DAAoA9P88O9l5IPgd2BhLjah6vHVM65Rpg1-rnXbV_oZeo_OQFPKA3dBcTPm62quV_Rcn-dEcz8EMLTCC4GN6Tf2al2eBFGHZYOdkrCQzDL4m9lugbXkG5MDX9B7LRiq2DjQwMrq48sQuOdw1zKbq9xHZAzGPh_L7ghV6pOCNwbs2AqzvpxwFq0z12d8jrucDTAIh4oMvGYSv1x52z4aAZx9l_NgND0nwFMI-C4abx4rjBn10FCoCwe8pm7m-eDoDUcPhuj3nTmgvi9KLHqPC5S9MIK9FQManXnq4jKkr6WCdEAhbXmqD5vRM0GaXfBifBBoQF48gvUppDnIKtBTVuFG8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pic.jpg
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/ Frame A4A2 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/pic.jpg?1653303357322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37dda462c57cb3b5cd0f263137150124067bbe2178bcd095128307bf0f3db602
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 23:01:42 GMT
x-content-type-options
nosniff
age
568701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58462
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 23:01:42 GMT
rose_02.png
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/rose_02.png?1652768359896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c44cc08f332947ebe5ec8cb106442319b98459d8f0d17e277c0543ad5ac2144
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 08:45:20 GMT
x-content-type-options
nosniff
age
360883
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1692
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 08:45:20 GMT
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBsj,pingTime:1,time:1279,type:p,im:%7BpLoad:986%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:191%7D,%7Bpiv:0,vs:o,r:l,t:221%7D,%7Bpiv:100,vs:i,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1018,o:261,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~970.250%5D%7D%7D,%7Bsl:i,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:272,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a.925113%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBsj,pingTime:1,time:1279,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:191%7D,%7Bpiv:0,vs:o,r:l,t:221%7D,%7Bpiv:100,vs:i,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1018,o:261,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~970.250%5D%7D%7D,%7Bsl:i,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:272,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a.925113%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZBsj,pingTime:1,time:1279,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:191%7D,%7Bpiv:0,vs:o,r:l,t:221%7D,%7Bpiv:100,vs:i,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1018,o:261,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~970.250%5D%7D%7D,%7Bsl:i,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1018~100%5D,as:%5B1018~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:272,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a.925113%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D37E 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7224
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 10:59:39 GMT
expires
Mon, 24 Jul 2023 10:59:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4763 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fcdfe9568032a27829212f442cf37b0e06f80a44b8e54816a5dbe90e503dbf43
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tNczMwWxHyBKF-OFCOvDWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-tNczMwWxHyBKF-OFCOvDWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:03 GMT
expires
Sun, 24 Jul 2022 13:00:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dt
dt.adsafeprotected.com/ Frame 8917 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=25d48fb0-21a6-4d5f-5226-23cb5f8dc6b1&tv=%7Bc:jhZBsq,pingTime:-10,time:1209,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuMTM0IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1658667602945%7C%7C146b6dc41dc2db0cc2fe3f435b86ee4a%7C%7Cdf92c9cff360bda3eafa3e94d6152ec7%7C%7Cf94c2b58b80f04dcdc7b768b1ab317d1%7C%7Cc0d5535b5aa799650c1483d7035d5d13%7C%7Cd991fe3400caae298330982e18883748%7C%7C20de8125f2ad40d9f1cd0a366a636980%7C%7Ce70a810ae9b9edb986fdab2e6f62df8f%7C%7C1629390669,sca:%7Bspg:99590a4c-e2c5-7f65-d2cb-99e3bc80108d%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 8A3C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuja7eBercS3nrPsis5Ip8S4MEUPAu8vGsIRzRWQQQsKWQ68gqcXQWSiY4F9WrBg8WnPMfYwL8rQ6_D_5rVKx3gOIkuNCsI2a8Nw2X-M1HdySXsUzGgR6HTXoK2nnWuh18&sai=AMfl-YRg8Q5M1IzI_ep5csZskHvoEDbh4NUaJhjzHqzu_DoiRk92-zR02HOCBrzvog0YIJkc9iWqHSdhvJF6REj28bMwHy6EKIHPvsnnMicgcyuWga6nHfWJikOiVCk&sig=Cg0ArKJSzHN4Ah2gDh7-EAE&cid=CAASJORoXWL0DuPOn338YM_IX14nXRcSOhc7OZiA_Sy6Q1ATKU-PiA&id=lidar2&mcvt=1022&p=1,1558,41,1599&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20220720&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=232922706&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658667601781&rpt=487&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0C13 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO1LoUkLdYsvFAbm4x_APkcu40AYAAAAAOAHgBAI&bg=!KimlKW3NAAacadVKvGk7ACkAdvg8Whg2_0Ptr0C6nG5COUn9I8TbC25uNw0iHXxEPPzyITlCKWU9ZQIAAAFjUgAAAAFoAQcKAHVg2qBxgnkeCWJtoswPo5JvWOpKzH2VtS3-PKQqHzinBxfjfjbZRiSza0Rfqem8cyhLwlKokhJw85Sv9ioA41h74ftDiPnjkU8031iP_T7DOCk8Q5ZNYQLtvWXnNp1kk6yK-bUsLjYfP71ku6m_2rboyb2gWumZAuuBEzflGhw6Nb5LoOCpzIamsYsX6VuM8r4j-SkpuOAQ7B21Te9GVd0ic5WXRwRn5nhDFhlU7KpL9NHf4uVmOrqNcAprqw_81RGgMSaflSgmBlcWRL2ZQRmzfKPBMh18ali0R_EkJDX93aJg8I1ArMADD1jOYj22RfY79-cRvyWBysG9nSdzOljn4or-h9voaw6CX1WmFBk755IH1hKCQxVKJH0zylpa3AClqCc7vrfdmVwfP_vWvYsfep81QW_tBwY8eleX0-eCgoIAVfVNolrYffbw6VPVbEENsqDZNh5bQ3Vx7LtSJRmQjTAimh_ubQztr0byk8V2CW3zAS9XYoVK7Y3iRHpA1YsAm97K-5abtLU9kIuvqj1ziFG28IOusCe09-noKJP_jooWGU5bn15jZ6HXgkbHhU5McSVZwRJs0x0r-pUjM8JG3XKDZvz7W-i3f0pJr6ebJvLzX8eeztiGQbrAz5nbbvUyhYHE1tofxwmDQYA7USEuQybYE-qFqdSE-6rYVf5Buik9oVppbVQGH4cD1X8InOQwUgD9m8iz2tYBZ5t3r2ZfqV79dqtteF7-ZyeCsoNG9dFTR3586DsbvVxOBOsFULr7Kzbs0HHnwcLeT_LAIS43XO-MPq_8mc5morYjhZrOpCSISh3O7f-8Xue5Gi9Lm7t8hXXwoelDnlsr4krwr5f5uInLy38E52zvCebrPLGhGNBKiqQzmZL_eToipW_0v1UNMV1zefHKaHga4CHXGGaIQzJhlkySE9IS63TYIkRB6Vovm37dKLHbBmN09_7K7hm7MEKuMftLLXNLklivNpUXVQ9aZxu6qBszbBwV9XsLlu84gIbDLHyFMTwj9DhAYOXOrNBoD--mrNN6jdFKuWeVI6MRQ_BC8D3MubgfAUdMLSwkHWEevzwBfy5EPCb1woOMXWRpVad1xLTbvRLr5w-HoXzmeDdQGYdlKF-FufRvwZfvZG8EUqdUiY_QTNd2VU6wf_Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NH_D_WD_Affinity-Music-Piano;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy7bgqcqR-QIVOdwRCB2RJQ5qEAAYACCV9NFNQhMI7NG5qcqR-QIVaca7CB3frwcA;stragg=1;&timestamp=1658667603607;str=LH/NULL/428/amadeusBestPrice/ Frame 8917 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIy7bgqcqR-QIVOdwRCB2RJQ5qEAAYACCV9NFNQhMI7NG5qcqR-QIVaca7CB3frwcA;stragg=1;&timestamp=1658667603607;str=LH/NULL/428/amadeusBestPrice/NH_D_WD_Affinity-Music-Piano;strtype=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
NH_D_WD_Affinity-Music-Piano;strtype=2
ade.googlesyndication.com/ddm/activity/dc_oe=ChMItpjeqcqR-QIVKt0RCB31vQKMEAAYACDMndJNQhMI6NG5qcqR-QIVaca7CB3frwcA;stragg=1;&timestamp=1658667603623;str=LH/NULL/438/amadeusBestPrice/ Frame 58CE 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMItpjeqcqR-QIVKt0RCB31vQKMEAAYACDMndJNQhMI6NG5qcqR-QIVaca7CB3frwcA;stragg=1;&timestamp=1658667603623;str=LH/NULL/438/amadeusBestPrice/NH_D_WD_Affinity-Music-Piano;strtype=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rose_03.png
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/rose_03.png?1652768359896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae1ee308eae3d5da06322eeba682b706063e3342df96f474b1331ca7b161e286
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:38:33 GMT
x-content-type-options
nosniff
age
336090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1571
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 15:38:33 GMT
txt1.png
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/ Frame A4A2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/txt1.png?1653303357322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3142554007fafd5f59287ca53207a818f3d5fb564e546e9e600123a47fcaade
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 23:01:42 GMT
x-content-type-options
nosniff
age
568701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4494
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 23:01:42 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4763 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071901&jk=884397063421171&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
rose_04.png
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/rose_04.png?1652768359896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd382a54c3702e99ae240df883b63d3b291116f0887e2c8fff832c11b7680c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:38:07 GMT
x-content-type-options
nosniff
age
336116
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1319
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 15:38:07 GMT
txt2.png
s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/ Frame A4A2 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/images/txt2.png?1653303357322
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd6fbe741aaa07ac43be6bc163d84c377ccbd26f963c71a9e3f8aba330cd7128
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15154516734456627200/RTL_SF_TOPDOG_HPA_300x600/RTL_SF_TOPDOG_HPA_300x600.html?e=69&leftOffset=0&topOffset=0&c=TJ87tNAG0S&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 23:01:42 GMT
x-content-type-options
nosniff
age
568701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1323
x-xss-protection
0
last-modified
Wed, 25 May 2022 12:33:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 17 Jul 2023 23:01:42 GMT
dt
dt.adsafeprotected.com/ Frame 8917 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=25d48fb0-21a6-4d5f-5226-23cb5f8dc6b1&tv=%7Bc:jhZBwb,pingTime:1,time:1442,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:203%7D,%7Bpiv:0,vs:o,r:l,t:238%7D,%7Bpiv:99,vs:i,r:,t:410%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1032,o:410,n:238,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:203,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B172~0%5D,as:%5B172~300.250%5D%7D%7D,%7Bsl:i,t:410,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~75%5D,as:%5B1032~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:592,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16.925113%7C161%7C162%7C163%7C164%7C165%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C1a*.925113%7C1a1%7C1a2%7C1a3,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame D37E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 77E0 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:40:07 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
age
1196
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
bweQ26Um1xI0ymrySAjKmsVRpUH37-NqKqkzsYjKLum5GaT0Hj7AhA==
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
expires
Sun, 24 Jul 2022 13:40:07 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 1F79 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:40:07 GMT
content-encoding
gzip
last-modified
Fri, 08 Apr 2022 08:48:22 GMT
server
nginx/1.20.0
age
1196
etag
W/"624ff6d6-1b8e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
_q-mpuKQ44TdJs5e89outNNEpW-RoAsDkncbeaR5kTNQz8JGui3wfg==
via
1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
expires
Sun, 24 Jul 2022 13:40:07 GMT
rose_05.png
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/rose_05.png?1652768359896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06c43cd4d63cf245c34604c4dfc0a591bb40d47e0f3926d2d1e12372c7041631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:38:08 GMT
x-content-type-options
nosniff
age
336115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2395
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 15:38:08 GMT
rose_06.png
s0.2mdn.net/sadbundle/11781585936863719592/ Frame 4971 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11781585936863719592/rose_06.png?1652768359896
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed9254afaff11a9b04aa8cef4f12554aed8a15bb30793e1b91fe6b4ebda76409
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11781585936863719592/300x600.html?e=69&leftOffset=0&topOffset=0&c=vgKjwAOJ5P&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:38:12 GMT
x-content-type-options
nosniff
age
336111
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1911
x-xss-protection
0
last-modified
Wed, 08 Jun 2022 10:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 15:38:12 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 77E0 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:34:36 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
1527
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
WClb76mCHibZlIzfV9fmWDTlhrWeqwInN_NeHh2HlnOU7K0CPVEuBw==
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
expires
Sun, 24 Jul 2022 13:34:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 77E0 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
444af905658249d525906ac563e3645e022071a653482bcfdfd867a40ea86fd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28353
x-xss-protection
0
server
sffe
etag
"1282 / 32 of 1000 / last-modified: 1658527520"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Jul 2022 13:00:03 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 1F79 		312 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-77.fra6.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83

Request headers

Referer
https://salat.zahav.ru/
Origin
https://salat.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:34:36 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
age
1527
etag
W/"61b8b8ab-4e128"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
O5JLYUqWc3RJOIMdknDI8dSBSGUPxT_dR_lRx_Xq54-I7uaH8SivPw==
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
expires
Sun, 24 Jul 2022 13:34:36 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1F79 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
a7a042ad9bc24164c61eab58ccbb2372e601cf79f1309a9066fed589ae3b02b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28361
x-xss-protection
0
server
sffe
etag
"1282 / 616 of 1000 / last-modified: 1658527563"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 24 Jul 2022 13:00:03 GMT
generate_204
tpc.googlesyndication.com/ Frame D37E 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jy3NcQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
lg.php
cdn.firstimpression.io/delivery/ Frame 77E0 		1 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=101156%7C97048%7C97047%7C97046%7C97045%7C97043&campaignid=34%7C18%7C16%7C11%7C7%7C9&zoneid=114914%7C114914%7C114914%7C114914%7C114914%7C114914
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
jFErbwzXkxtz76cPVNg0I4RzHxvWVN78Y8pnsmNxxMXus4tSqxy8PQ==
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 77E0 		144 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
33c0b75f2fcea362daf13f94f08c562a307db5c32553f42b348011f3ca1d7ce0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:04 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
017678ce-198e-4b81-8b23-d9a7aea773c7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 77E0 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://salat.zahav.ru
date
Sun, 24 Jul 2022 13:00:04 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 77E0 		36 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=711590&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225b5eb37137836e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsalat.zahav.ru%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fsalat.zahav.ru%2F%22%2C%22domain%22%3A%22salat.zahav.ru%22%2C%22publisher%22%3A%7B%22domain%22%3A%22zahav.ru%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226a1e927d3c9976%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22711590%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%226962%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd1bf99a751e844f628ed01b6d63fe152ceb80701bd71987baed47024c2d160

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RaqzZsUYwQYYTI4WfevBzw5L1yil63kdZpPTDDH9wp9Bu5xaQaY%2FF7p3YBueFBfPH03HaadqP1io39xNx4Rb9sDetfU%2FviD5YYldYhMbuovnE4FaSmfxMGgiXmwkdsmNgBD4tE6h"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
72fcd62d49339950-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 77E0 		353 B
808 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=10&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.page=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.domain=salat.zahav.ru&tg_i.figroup=a23&tk_flint=pbjs_lite_v6.2.0&x_source.tid=061e66bf-7925-4a25-9473-83d7562c6456&p_screen_res=1600x1200&rp_floor=0.02&rp_secure=1&rp_maxbids=1&slots=1&rand=0.46302645422739586
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0ae7ed28c93b6bc2836eecd4dc929a8af3f30265c2eb5498d08975b24206fbcd

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:04 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
353
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
firstimpression-d.openx.net/w/1.0/ Frame 77E0 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsalat.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=061e66bf-7925-4a25-9473-83d7562c6456&nocache=1658667604008&schain=1.0%2C1!firstimpression.io%2C6962%2C1%2C%2C%2C&aus=300x600&divids=fiInstance_114914_0_33220299978982_unit&aucs=&auid=545675737&aumfs=20
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4827447f252e6b8727c1b48f563bcc91b6ad515feabb4f23317e1ceb3553c288

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://salat.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 1F79 		1 B
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=101155%7C97112%7C97111%7C97110%7C97109%7C97107&campaignid=34%7C18%7C16%7C11%7C7%7C9&zoneid=114915%7C114915%7C114915%7C114915%7C114915%7C114915
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
server
nginx/1.20.0
x-amz-cf-pop
FRA60-P2
x-powered-by
PHP/8.0.14
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
x-amz-cf-id
z8Eeksy7ZgoG5DVIX4q1B4wcjRfmK2VpMOG9kRVZkIWvF3jTpLhS3Q==
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 1F79 		352 B
807 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=9&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.page=https%3A%2F%2Fsalat.zahav.ru%2F&tg_i.domain=salat.zahav.ru&tg_i.figroup=a30&tk_flint=pbjs_lite_v6.2.0&x_source.tid=46aaabf8-e649-4bf6-bd31-cbf0b97fbc2d&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8265508977811855
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d6ed351a09455ecc06e1aa032021dbb4cad7824b6a0a2c4a259fdaca200c4c14

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:04 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
352
Expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
firstimpression-d.openx.net/w/1.0/ Frame 1F79 		73 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsalat.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=46aaabf8-e649-4bf6-bd31-cbf0b97fbc2d&nocache=1658667604029&schain=1.0%2C1!firstimpression.io%2C6962%2C1%2C%2C%2C&aus=160x600&divids=fiInstance_114915_0_33220299978982_unit&aucs=&auid=545675780&aumfs=100
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
7763f115296b9c762507eccfebe933cb911d2f7b9fb8ca5af69777f7e363de78

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://salat.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 1F79 		144 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
72e5bf85d2c5ae9d980dc64f915ea4bf570cd56272a1cb14fe6dadd3214f6c6b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:04 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
b020ae6a-7974-4d1d-81b9-b6ca0b42bdab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://salat.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 1F79 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://salat.zahav.ru
date
Sun, 24 Jul 2022 13:00:03 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ Frame 1F79 		36 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=711597&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%229c1f60f0e9f838%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fsalat.zahav.ru%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fsalat.zahav.ru%2F%22%2C%22domain%22%3A%22salat.zahav.ru%22%2C%22publisher%22%3A%7B%22domain%22%3A%22zahav.ru%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.2.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22106b57013672e18%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22711597%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%226962%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53ca978bce32715f830575bc71deae33a398f6edd9307fb4be9cc9495f740884

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FZTxvCVL66JDowKyhBZTXM2jFluZOjIX66BbP2D0CxqM1dVgTyaAttwtJklhnuvjya4ztO3gIJguHj6CbKlBr0iU0UjcrQjhJ1cvFSbrpJz2plyQ9nGiViu5wTMoKwbcr%2BZ6B%2Bb"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
72fcd62d49369950-FRA
expires
0
pubads_impl_2022071901.js
securepubads.g.doubleclick.net/gpt/ Frame 77E0 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:51:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
489
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131527
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 08:34:38 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 24 Jul 2023 12:51:55 GMT
pubads_impl_2022072001.js
securepubads.g.doubleclick.net/gpt/ Frame 1F79 		377 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
812bf583b69091bd013eb8d5c24835a187c6e14d722ccc8afdf85d1b2c450cc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 23:30:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
48596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131699
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 08:36:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 23 Jul 2023 23:30:08 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Jul 2022 13:00:04 GMT
syncframe
gum.criteo.com/ Frame 1B1A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=salat.zahav.ru
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:03 GMT
server-processing-duration-in-ticks
2228
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:59:27 GMT
server
nginx
etag
W/"62c89aaf-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 25 Jul 2022 13:00:04 GMT
sid
mug.criteo.com/ Frame 1B1A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zahav.ru&sn=ChromeSyncframe&so=0&topUrl=salat.zahav.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=5vCZJXxETXFtV1lIaGEwVU5KRXVYblFORkxMNGVJbW1zZC8zTnoxeEF4RUs4TXQvSU9JUmFiRkxrT2ZRcDhjWm9zMEgrWVhEbGtWRFdHekhDWGVoWXlSZjJNU2hSdXE0WGFlZ1VUaDdFVDF5NkxwNzNsb2F5ZWZLalJHME...
435 B
632 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5vCZJXxETXFtV1lIaGEwVU5KRXVYblFORkxMNGVJbW1zZC8zTnoxeEF4RUs4TXQvSU9JUmFiRkxrT2ZRcDhjWm9zMEgrWVhEbGtWRFdHekhDWGVoWXlSZjJNU2hSdXE0WGFlZ1VUaDdFVDF5NkxwNzNsb2F5ZWZLalJHMEdlV0RQVkhZYlEwcGhHMnZyN3Y5YWh5SkM4NkFGYzBZK1FvQ3pvRFM4cWducVQyY0FiRHRoSUprYk9tbnduYnNxT0FQenNiYlpmM3U3VVkvTGxUQVA0VERwM25JUmpDVWFrQkxoNnlNdU1mU3NreE5UeGY2QVhxUFV2KzhPcXBnemRZT3VZTUNqWitSNEdSdDY5cUEyU3ZSMVBIdlpKQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
dca92c997ac71e1af82f261f898d2c87405b6ff23e60afe2abb10848981edb6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4740
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=5vCZJXxETXFtV1lIaGEwVU5KRXVYblFORkxMNGVJbW1zZC8zTnoxeEF4RUs4TXQvSU9JUmFiRkxrT2ZRcDhjWm9zMEgrWVhEbGtWRFdHekhDWGVoWXlSZjJNU2hSdXE0WGFlZ1VUaDdFVDF5NkxwNzNsb2F5ZWZLalJHMEdlV0RQVkhZYlEwcGhHMnZyN3Y5YWh5SkM4NkFGYzBZK1FvQ3pvRFM4cWducVQyY0FiRHRoSUprYk9tbnduYnNxT0FQenNiYlpmM3U3VVkvTGxUQVA0VERwM25JUmpDVWFrQkxoNnlNdU1mU3NreE5UeGY2QVhxUFV2KzhPcXBnemRZT3VZTUNqWitSNEdSdDY5cUEyU3ZSMVBIdlpKQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1479
content-length
541
expires
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsalat.zahav.ru%2F&domain=salat.zahav.ru&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=UT11S3xlVWRDb2JrQmozNUJrZ2IrOVVrNjVoa2hlQlFFNzNsYmpPOFMvMVdHQ0d3OU5Vc1c0Q2ovU0pYVExxYi9wVUJnTnZjTVgveFk5WWZpUGRhZXl0N1hiMEZJd1N4M2NMc3BMa1RrcWdiR2twbzNYTi9VTUN1amkwSm...
422 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UT11S3xlVWRDb2JrQmozNUJrZ2IrOVVrNjVoa2hlQlFFNzNsYmpPOFMvMVdHQ0d3OU5Vc1c0Q2ovU0pYVExxYi9wVUJnTnZjTVgveFk5WWZpUGRhZXl0N1hiMEZJd1N4M2NMc3BMa1RrcWdiR2twbzNYTi9VTUN1amkwSm5ucDJPOWx0LytUMDJ4eTVhTDgzTkdKUWJSTCs0b3dnbjM1RDR2R0ViOHJmY0ZPM1RCVWx1bmlRUlNuQ1czREhrZndxNDFlc2JOUmZJRnBrQVFGYVJuNHA4TlJLcDhHbnhSUU5JdS9KTjBXeUlaRjc5NzZ4R1ZXdklLejIyOHU2VFZnNGwrUFRKOCtqWWRpYXQ0VWJSUmllSEFnNnRRdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
232d39c20eea11fea6e9839971995ed311699402a4f6c9c565850eec0f7847aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3389
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:03 GMT
location
https://mug.criteo.com/sid?cpp=UT11S3xlVWRDb2JrQmozNUJrZ2IrOVVrNjVoa2hlQlFFNzNsYmpPOFMvMVdHQ0d3OU5Vc1c0Q2ovU0pYVExxYi9wVUJnTnZjTVgveFk5WWZpUGRhZXl0N1hiMEZJd1N4M2NMc3BMa1RrcWdiR2twbzNYTi9VTUN1amkwSm5ucDJPOWx0LytUMDJ4eTVhTDgzTkdKUWJSTCs0b3dnbjM1RDR2R0ViOHJmY0ZPM1RCVWx1bmlRUlNuQ1czREhrZndxNDFlc2JOUmZJRnBrQVFGYVJuNHA4TlJLcDhHbnhSUU5JdS9KTjBXeUlaRjc5NzZ4R1ZXdklLejIyOHU2VFZnNGwrUFRKOCtqWWRpYXQ0VWJSUmllSEFnNnRRdz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1442
content-length
541
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsalat.zahav.ru%2F&domain=salat.zahav.ru&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://salat.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 24 Jul 2022 13:00:03 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1225
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame CD6F 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd62f0da39969-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BE6A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1658667601191
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 28ED 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 24 Jul 2022 13:00:04 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame CA48 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
28251
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 24 Jul 2022 13:00:04 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 20 Jul 2022 05:09:06 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 384230
X-Served-By
cache-lga13621-LGA, cache-hhn4030-HHN
X-Timer
S1658667604.354429,VS0,VE0
pd
u.openx.net/w/1.0/ Frame 4DA4 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1658620800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 24 Jul 2022 13:00:04 GMT
server
OXGW/485d39a
vary
Accept, Accept-Encoding
via
1.1 google
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.221 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce14.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:04 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame CA48 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:04 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
32832ab6-f9ca-435e-8049-93b1d1086298
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame CD6F 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
254327
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
72fcd62f6e599969-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=UT11S3xlVWRDb2JrQmozNUJrZ2IrOVVrNjVoa2hlQlFFNzNsYmpPOFMvMVdHQ0d3OU5Vc1c0Q2ovU0pYVExxYi9wVUJnTnZjTVgveFk5WWZpUGRhZXl0N1hiMEZJd1N4M2NMc3BMa1RrcWdiR2twbzNYTi9VTUN1amkwSm5ucDJPOWx0LytUMDJ4eTVhTDgzTkdKUWJSTCs0b3dnbjM1RDR2R0ViOHJmY0ZPM1RCVWx1bmlRUlNuQ1czREhrZndxNDFlc2JOUmZJRnBrQVFGYVJuNHA4TlJLcDhHbnhSUU5JdS9KTjBXeUlaRjc5NzZ4R1ZXdklLejIyOHU2VFZnNGwrUFRKOCtqWWRpYXQ0VWJSUmllSEFnNnRRdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1241
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 28ED 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-74-8.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
5ed3b1a45272c6219956f399c6a4985142fa27446d7c9a75f91d7591960607bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Sun, 24 Jul 2022 13:00:04 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71850
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9450
Expires
Mon, 25 Jul 2022 08:57:34 GMT
drop_cookie_sw.php
csync.smilewanted.com/ Frame E619 		0
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd62faeab9969-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
31b239938315f8254fd6ad27789a3ec6
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 30C7
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/31b239938315f8254fd6ad27789a3ec6
0
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/31b239938315f8254fd6ad27789a3ec6
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd631a9a59969-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 24 Jul 2022 13:00:04 GMT
Expires
Sun, 24 Jul 2022 13:00:04 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/31b239938315f8254fd6ad27789a3ec6
Pragma
no-cache
Server
nginx
x-sticky-vk
1658667604608049-583
ZXPyV2KdM2fsUST8fIzP
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame C148
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ZXPyV2KdM2fsUST8fIzP?pi=smilewanted&tc=1
0
384 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ZXPyV2KdM2fsUST8fIzP?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd630aff79969-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 24 Jul 2022 13:00:04 GMT Sun, 24 Jul 2022 13:00:04 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/ZXPyV2KdM2fsUST8fIzP?pi=smilewanted&tc=1
pragma
no-cache
outbid
outbid.firstimpression.io/v1/ Frame 1F79 		119 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-63.fra56.r.cloudfront.net
Software
/
Resource Hash
209c9b2905c9d96ed7d132ffde83be8ae8172f2ed14098051875afda8d5d21e1

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
119
x-amz-cf-id
taxEYRfzPR8_tYILpxqzwf_SWQCuv_Uzsrtc_5RMylv5ZZfrmlEiOA==
outbid
outbid.firstimpression.io/v1/ Frame 77E0 		119 B
369 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-63.fra56.r.cloudfront.net
Software
/
Resource Hash
2e95a6b972657e54305f6adbdffe9d5d781874939a389cbbe875b5821e6ebb11

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
via
1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
119
x-amz-cf-id
VcZAhZKEUhOBxnEHBDVBgoJas7ND1WVAU7AuaUx1DrYV1LVSAndEZw==
tap.php
pixel.rubiconproject.com/ Frame 28ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Hci5UZki3p7nYy4qouSm6Mn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1679186718607462373
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1679186718607462373
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

date
Sun, 24 Jul 2022 13:00:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1679186718607462373
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 28ED 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 28ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5ZBV410-11-5H4L&sigv=1&esig=2~71fb356612def765a16fa6a98e32a3cf890c652d
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5ZBV410-11-5H4L&sigv=1&esig=2~71fb356612def765a16fa6a98e32a3cf890c652d
Protocol
H2
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L5ZBV410-11-5H4L&sigv=1&esig=2~71fb356612def765a16fa6a98e32a3cf890c652d
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 28ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKvtThj14KKYqHOQJsY3s3s&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKvtThj14KKYqHOQJsY3s3s&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKvtThj14KKYqHOQJsY3s3s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 28ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5ZBV410-11-5H4L
0
924 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5ZBV410-11-5H4L
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6CC2F55B81B44AE59C65972AFFC2E8C0 Ref B: FRAEDGE1512 Ref C: 2022-07-24T13:00:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkjKVg8Z978IykxHiBGA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L5ZBV410-11-5H4L
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 28ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE0NWI4Yjk2NzIwODEwNDMzMzc2MmZiOTY3N2NlYWI1YmEyYzE5OQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE0NWI4Yjk2NzIwODEwNDMzMzc2MmZiOTY3N2NlYWI1YmEyYzE5OQ
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGE0NWI4Yjk2NzIwODEwNDMzMzc2MmZiOTY3N2NlYWI1YmEyYzE5OQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 28ED
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3mo_nX0LSSqzamqthVjkHw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3mo_nX0LSSqzamqthVjkHw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3mo_nX0LSSqzamqthVjkHw
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:05 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
21VRGSMZE1RDE292E1KZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3mo_nX0LSSqzamqthVjkHw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 28ED 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
ib.adnxs.com/prebid/ Frame 2EDD
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=aad099dcf17761d11d7d5bca461405ba
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=aad099dcf17761d11d7d5bca461405ba
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
b466d4ce-2d55-4c1a-99a5-7b4d341ef3dd
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 24 Jul 2022 13:00:04 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd6305fa69969-FRA
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=aad099dcf17761d11d7d5bca461405ba
server
cloudflare
integrator.js
adservice.google.de/adsid/ Frame 1F79 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1F79 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1F79 		23 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=851731270785019&correlator=3569693534458660&eid=31068408%2C31068586%2C31068589%2C44768682%2C42531606&output=ldjh&gdfp_req=1&vrg=2022072001&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A114915)_(wf%3A21921)_(b%3A101155)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=1&adks=3467086410&sfv=1-0-38&ecs=20220724&fsapi=false&prev_scp=fi_group%3DG0&eri=1&sc=1&cookie=ID%3D7c3aea37c07f289f%3AT%3D1658667601%3AS%3DALNI_MZZZOAADELDFKp35TPM-adEuvI4zQ&cdm=salat.zahav.ru&abxe=1&dt=1658667604564&lmt=1658667604&dlt=1658667603778&idt=408&adxs=315&adys=2404&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=r8n54eul389z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fsalat.zahav.ru%2F&top=https%3A%2F%2Fsalat.zahav.ru%2F&frm=23&vis=1&psz=160x-1&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=184288646.1658667601&ga_sid=1658667605&ga_hid=2068624016&ga_fc=true&a3p=EhsKDmVzcC5jcml0ZW8uY29tEgAYyLSsgqMwSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
b9b816856f2bedc02b906021742cc075b8d864a427c54b3c0eba3e659eac67b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9663
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1F79 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db6c041090aeea21277457555b53bb522cdeb9c6684f95d5085ed903cd9bc7c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10973
x-xss-protection
0
container.html
4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F95A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:04 GMT
expires
Mon, 24 Jul 2023 13:00:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 77E0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 77E0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=salat.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 77E0 		0
35 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3429684262299286&correlator=1252857753682813&wbsu=92935adf-29bb-4323-bc9b-0c41fbb2a584&callback=googletag.wbn1&eid=31060545%2C31068212%2C42531606%2C42531608&output=wbn&gdfp_req=1&vrg=2022071901&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A114914)_(wf%3A21935)_(b%3A101156)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=1&adks=3633991156&sfv=1-0-38&ecs=20220724&fsapi=false&prev_scp=fi_group%3DG0&eri=1&sc=1&cookie=ID%3D7c3aea37c07f289f%3AT%3D1658667601%3AS%3DALNI_MZZZOAADELDFKp35TPM-adEuvI4zQ&cdm=salat.zahav.ru&abxe=1&dt=1658667604580&lmt=1658667604&dlt=1658667603771&idt=391&adxs=985&adys=3454&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=bi9f7bvkvj2j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Fsalat.zahav.ru%2F&top=https%3A%2F%2Fsalat.zahav.ru%2F&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=184288646.1658667601&ga_sid=1658667605&ga_hid=1008015549&ga_fc=true&a3p=EhsKDmVzcC5jcml0ZW8uY29tEgAYyLSsgqMwSAA.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35473
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
application/webbundle
access-control-allow-origin
https://salat.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
92935adf-29bb-4323-bc9b-0c41fbb2a584
/ Frame 77E0 		529 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
uuid-in-package:92935adf-29bb-4323-bc9b-0c41fbb2a584
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
UUID-IN-PACKAGE
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3de2e9b2a41295bfbab79a12dbfd2e65ced5ae34238947b84726314f6a6db9bf
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

X-Content-Type-Options
nosniff, nosniff
content-type
text/javascript; charset=utf-8
sodar
pagead2.googlesyndication.com/getconfig/ Frame 77E0 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ca25b92b6d09154501768badb186855c9cf9e1e39d43daab7fb25a42301a693
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10654
x-xss-protection
0
connectmyusers.php
cdn.connectad.io/ Frame 46C0 		1 KB
897 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72fcd630edb3907c-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071901&jk=884397063421171&bg=!UlGlURXNAAacadVKvGk7ACkAdvg8Wr7yHwX0Isvr4VrbIlZZgjW8LPZoSpnh-8gm9zydg9Ghu0KZ8AIAAADGUgAAAANoAQcKAEMaZLLjNowtHBYyqFtcl5p_7rIzsagyHvooP8H8q_lybkTKmNuYt3vRQiZuqBHYQPyk1iBGmeNGw7Kin6t7ygkkQS6NmQKdTa8X1x3kFAIQLgikcl6zgGpO00b6hLoeCw4TeyxeiCe_pnaSEO7PxWnVXW0vqBWCcvkDsuItHr9uRUPIRw-wWiyfXHwINGBataBk6aM16bwxcvgCG8Gipc7P3sVfLaWf70OEPZNZsP268Y2UyV6SYT6d0e1rTtIREhJB1uT1l13L0RXmu7H1Xsdw5xeTEl0IJjdooVWroiuLjmxlBKQsKmLz25Rzqn2ksAo-pcXov5YPqYXodmgMPfBEmusNX0YOmYkGAaXbbLa37iMeaZlwMbG_H8WYVUL25sW0rvfrGZqWUG-zOgUMfxLCiqkgJUo6DwvW9CFuBhP_55y8WOhhF4Kddt3htVmGVG4O4PcADsN3Ker6_SLUzs4KPKxcu9Kft2RneaO6vtm1FuMaCmDERexVveYSBughCPhx6e4ish8YDuzYFtdHDHdB5VGm6Y4pd_iC57f1557KfPHctmqmTYItQS1wFy3zD95GVAhgqHNMTVcDQcAgEHtBhLp2sxxD5PFOw52lbL0pe6dMF81oL6aDdo4WspXJ5m0LZrCcBcPhTOh1jnj1xRNANByB4VkfcTXFjrzH_kvSH8zpHYqkP_CHr49gKfyD8a0H17GaQANbRFSWfzQjqVksBn4U_RfFtU9lokdxMIgXCzuIi3tJCw4NfR77FDCKWGW7NMkB_uIYw1jMT_taR45_6rn8uxq122DColsHeOpvFZWltKyNwvI-ENxPpfCv8KP2FLCnCTuFmFSqAKhhy7UqYVfyz1H6j3_tFh6raM9Xpqhrwcb9WMC1F_xS7iUv1dOKbb4EdDMVNuFvYg0u4mN-mRmVa3RpiKc8HdOSS63Sm2aPq0LF-3uVwdy8XxBtBcIYqOejqnELGPBtZJ_pTzR4JRNb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1F79 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:04 GMT
getuid
sync.smartadserver.com/ Frame 454C
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 24 Jul 2022 13:00:03 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Sun, 24 Jul 2022 13:00:04 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 77E0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:04 GMT
1
sync-eu.connectad.io/syncer/ Frame 711E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
72fcd6313e18907c-FRA
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
9b0d2260-1506-4750-963d-ef925ab37b9c&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame B43A
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/9b0d2260-1506-4750-963d-ef925ab37b9c&partner_id=1010
0
580 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/9b0d2260-1506-4750-963d-ef925ab37b9c&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd6322a5a9969-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Sun, 24 Jul 2022 13:00:04 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/9b0d2260-1506-4750-963d-ef925ab37b9c&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 32F0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7225
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 10:59:39 GMT
expires
Mon, 24 Jul 2023 10:59:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CBC3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4dd9a658d850e1e569d7743c4a724074c4b9deffa58cbb8deef79e6231a7a085
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7VuC06T0WY0ArQs_Y_1zyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-7VuC06T0WY0ArQs_Y_1zyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:04 GMT
expires
Sun, 24 Jul 2022 13:00:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 23B0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7225
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 10:59:39 GMT
expires
Mon, 24 Jul 2023 10:59:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BCD5 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8f3ebec9bb08596e00809b5ea2f5c0abab9060688ee762f5360d6bb27b36f49e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nsV0Hf6h0c8rajAG8NXliA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-nsV0Hf6h0c8rajAG8NXliA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:04 GMT
expires
Sun, 24 Jul 2022 13:00:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sync.php
pixel.rubiconproject.com/exchange/ Frame 96D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame 32F0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame CBC3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072001&jk=851731270785019&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame 23B0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 10:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
9654
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 10:19:10 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BCD5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071901&jk=3429684262299286&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 09DB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=134127
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Tue, 26 Jul 2022 02:15:31 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
Yt1CUnMdlz7abwNNqDfBqAAA%261143
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame 4BA0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yt1CUnMdlz7abwNNqDfBqAAA%261143
0
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yt1CUnMdlz7abwNNqDfBqAAA%261143
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd6327acb9969-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72fcd6324c48913a-FRA
content-length
0
date
Sun, 24 Jul 2022 13:00:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/Yt1CUnMdlz7abwNNqDfBqAAA%261143
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugJzj0c3fVOjzM0XXMD5uaB3TnFljExq05W%2Fo2N1l6tbvb%2BOODcU8oym1vN5Kx%2BjeFLbISK1noBxcnhgW0BlQIq9xqWnQc5U%2FpKVxdSFisCINVjtvU6qJTkuA4cD5eA0hHJmADS3iihWqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 09DB 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68829550&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:03 GMT
content-length
0
container.html
4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D69 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072001.js?cb=31068586
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salat.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:04 GMT
expires
Mon, 24 Jul 2023 13:00:04 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
cdn.firstimpression.io/tracking/habit/ Frame 1F79 		2 B
410 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://salat.zahav.ru
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-id
_kZnzuMWUxAeBZnA_CRmE-_kP7lCXqbCege9RdrFL-ZVFOx-VsGNDA==
898ab9aa-0b50-11ed-91e9-18c6427b0506
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame F261
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=898ab9f6-0b50-11ed-91e9-18c6427b0506
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/898ab9aa-0b50-11ed-91e9-18c6427b0506
0
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/898ab9aa-0b50-11ed-91e9-18c6427b0506
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72fcd6342d219969-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 24 Jul 2022 13:00:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
false
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Date
Sun, 24 Jul 2022 13:00:05 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/spotx/898ab9aa-0b50-11ed-91e9-18c6427b0506
Server
nginx
X-fe
72
generate_204
tpc.googlesyndication.com/ Frame 32F0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?PAmN_Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
da76572e-964e-41ad-5eb1-41ad964eda76
/ Frame 4035 		105 KB
105 KB 		Document
General
Check archive.org
Download Go to
Full URL
uuid-in-package:da76572e-964e-41ad-5eb1-41ad964eda76
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js
Protocol
UUID-IN-PACKAGE
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fd09e5825f29e8f8e2869db4bb918bd78c61c156e4051f29bb5c5f4a2ffcd40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

X-Content-Type-Options
nosniff
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
v1
cdn.firstimpression.io/tracking/habit/ Frame 77E0 		2 B
409 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/tracking/habit/v1?b=1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-74.fra60.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://salat.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
access-control-request-method
*
x-amz-cf-pop
FRA60-P2
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://salat.zahav.ru
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
x-amz-cf-id
9nw2lKhoBcUp8PI77H3yElD9RZI72mnYhXzx7d0gOmLzoLuyHYtwQQ==
generate_204
tpc.googlesyndication.com/ Frame 23B0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SoXP1Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8D69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CsRN9VELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoElQJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcKfDCKC8etCelTeO5audHHul1UmqejJTwZ4LKDWaJVnWHJGc598i4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zNjIyMTU2NDA1MzEzMDYzGNbVEQ&sigh=c9VdIPP7fLQ&uach_m=[UACH]&cid=CAQSOwCNIrLMg4v7mxJSjoShQBcUhdy8I63M5lnA1dNW9hp93P0tTJDwFJjFshn19YMkkWJaAbfUDPz53rbKGAE
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 8D69 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k_vwE5WYY6AB2ASdg2ICAgAAAIa3FT_jkk6PttfnSAk5jtsQU0LdYm-KgDrhIfEa6OxKABIAAA&wp=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ
Requested by
Host: salat.zahav.ru
URL: https://salat.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:04 GMT
server
Kestrel
server-processing-duration-in-ticks
322245
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3976 		48 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Requested by
Host: 4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
URL: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0cb0c9d7cd03ba597eaf7792af98f5bf8936d7c6ec8ee6f3d9d34bbb88ce6131
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 24 Jul 2022 13:00:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=O1HHuTGbRnfZv-QbQ3nJV2GxndkoYsLKEbzMzB-kWpVHkfFwqjaVvALVYMYGgVThloAidLW85TkCRSVKNP7gvccM5eEJQhH-T8H__tmP63R2ohsU8zHNGHn3wCqSDH2wn9F8T6YtncHdmRbVVrPq4gFGA_rI2Aqy2iTfaToaYYV6uZne3eNptriBAWwy7rxbVE4QUWSHIEbPSgcAV4RG_6MUl-qQUY-gYSjHDjbNBRX7mMe1BRZlpNiMIUkHR3bg8pRvPg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
6139519
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8D69 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
URL: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:57:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8D69 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
URL: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 8D69 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
URL: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:14 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8D69 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
URL: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 23:30:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Jul 2023 23:30:59 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		126 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/index.html
Requested by
Host: da76572e-964e-41ad-5eb1-41ad964eda76
URL: uuid-in-package:da76572e-964e-41ad-5eb1-41ad964eda76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b0524148c5aa0789d2d7dc63fc2485cd5fa439f405424178900c526c84a982a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
440501
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20484
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 10:38:24 GMT
expires
Wed, 19 Jul 2023 10:38:24 GMT
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 4035 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtUW3VELdYpCZJo3h7_UPgvm02ASQ0-ura_Xj6ZKFEMrUh7jdHBABIM7D9BxgleKQgqAHoAHpxaqdAsgBCakCXCwWm2wisT7gAgCoAwHIAwiqBO0BT9DU-xL9wnXnL7CNagfLmrbcQRKCAJyrTGk_HcbW2k6-KYChrSAID7sL9Lo5u_KpXpsp_ffOiVCdSoDADoXN63wd6vq8A8qnWbzaC_sLRE9OWCyY0NgawOaDaYDh-IbZXcD_XFbAVYilYwe_MauXjFbt8pBgJgrdMYIYeHdbyaar9zG8cRNDeHRnscIRcJ33r6BxQw_rs72vMRYFjYdNXV_9WNk7teeaxYgRf2n2_hFDvuxI0UrtMwg5MpoUjIGs2mTIlBHmNrJ9tP5CL8A7uPNJkBXKzQLdvZh1KKhrLMVBssjLXGC7Gq5Y_B9XwATNsaDwoAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH_7nV4gGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDU_QTSCBEIgOGAcBABGB0yAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N4AKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNjIyMTU2NDA1MzEzMDYzGNbVEQ&sigh=kmX3lZX00nM&uach_m=[UACH]&template_id=419
Requested by
Host: da76572e-964e-41ad-5eb1-41ad964eda76
URL: uuid-in-package:da76572e-964e-41ad-5eb1-41ad964eda76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/ Frame 4035 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/abg_lite_fy2021.js
Requested by
Host: da76572e-964e-41ad-5eb1-41ad964eda76
URL: uuid-in-package:da76572e-964e-41ad-5eb1-41ad964eda76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8663
x-xss-protection
0
server
cafe
etag
1576890815193688712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:12 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 4035 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/window_focus_fy2021.js
Requested by
Host: da76572e-964e-41ad-5eb1-41ad964eda76
URL: uuid-in-package:da76572e-964e-41ad-5eb1-41ad964eda76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:57:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4035 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: da76572e-964e-41ad-5eb1-41ad964eda76
URL: uuid-in-package:da76572e-964e-41ad-5eb1-41ad964eda76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43235
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658317440141293"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 13:00:05 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/ Frame 4035 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220721/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: da76572e-964e-41ad-5eb1-41ad964eda76
URL: uuid-in-package:da76572e-964e-41ad-5eb1-41ad964eda76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 12:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
server
cafe
etag
13288730413591369063
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Aug 2022 12:53:14 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F1AC 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 04:11:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 25 Jul 2022 04:11:28 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F1AC 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 23 Jul 2022 16:14:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 24 Jul 2022 16:14:17 GMT
truncated
/ Frame 8D69 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04848eb5656390dd6eb58c877e549a8866b1250e9b61cab5ad9160d391b5dad9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4035 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c27b782df0cec7c8bea8329643e662e84c235c3c71317a4b6f1923a8077209c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
Logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/Logo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4db6f187099bef79018157255edaa41fcd3de60d4e0c94655c8a45b807898260
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
440497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3444
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:28 GMT
Sale1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		1014 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/Sale1.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36894b7558cd996e47abd661bcb1aed6429f8c0dffba4b4cffd9b7918b3816c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
440497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
606
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:28 GMT
Sale2.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		1 KB
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/Sale2.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d51420a83d6e2ba11f4c07a6adf06c60b85d8441bc8ce1d0c6b4810132b2751
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
440497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
610
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:28 GMT
Sale3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		1 KB
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/Sale3.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d4fd3a487b5219eee3417fac0f4956bfcf115a99732a603eed477ae9f6c2602
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
440497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
612
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:28 GMT
Headline.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/Headline.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43f3d15e2d182497e5e5f56fdf022ee445f1d1493b67a33cb33d8ebe2a71c90
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
440497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2287
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:28 GMT
ekstraordin_r.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ekstraordin_r.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b647a5805d102fffe0f2ffa6ce5e0a05eeb56b8b668746d647686f398ff94888
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
440497
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1248
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:28 GMT
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:28 GMT
Img1.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/Img1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0088cec6ac2316dbb297b88ce40020a1ca450e5e20294035acdc4cabf67754c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
440496
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10785
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:29 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:29 GMT
Img2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/ Frame F1AC 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8731065135703125354/Img2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f80ab655d0ea82595864f91f12a2eba5834b24b5d485351c09de95b25cce52f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
440496
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68574
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 10:27:56 GMT
server
sffe
date
Tue, 19 Jul 2022 10:38:29 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Jul 2023 10:38:29 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3976 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jul 2023 13:00:05 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3976 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jul 2023 13:00:05 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3976 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 19 Jul 2023 13:00:05 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3976 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 19 Jul 2023 13:00:05 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3976 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=sLOHqPUY-3mwuqzfcV0j_SfDPusMaXwhagojaBdTHl6uEl1Pz9x5gL2lLyOBGAmPkKx8XCJJ-4eUTYnlIc3E_A52oMgcV469GetyfVo8ttEY9F7UBd8qcbUF2GUtLVVhVkQFPqfZYkdeBzusxLWiKwb9F4FS4TVkp-6cj2-y1gr6xbtG7R5IXdORhzVcWG-1VXnijurJLxtsBHwT_YH-y3TvgYIv5QHpLzwU9dlJdkRo3W_7pUlULkiZIYSRP7iDuVA_8NlKLPvFfDZyIjfPJLwNvlBfKPuIFn_6RpKXagon6fRHy2yRwep0jeXoSO65kTgQu125vAQ8fLTmOsawZ8j_TbIAiXsduWGSHWj_fZ1RQDc9vCGbMFZM_cv0iftvSbP_d6c3wMSuhi6_E5yuUyWzXzpX8O0l5SD-SSIQR1bfitUsR_voxFgrKSlHUMzWQUzSZQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:04 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
303129194
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
ace23e9177254563b67a04eb6588fff6_image_ad_160x600.jpeg
static.criteo.net/design/dt/70777/220713/ Frame 3976 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/70777/220713/ace23e9177254563b67a04eb6588fff6_image_ad_160x600.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
63c0bf6197d9c9bbe02f581ce48bfd22bd46f164e79d77eeba7c86fdedd29c4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
last-modified
Wed, 13 Jul 2022 18:45:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62cf12b9-b2e6"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
45798
expires
Wed, 19 Jul 2023 13:00:05 GMT
all
csm.eu.criteo.net/ Frame 3976 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=O1HHuTGbRnfZv-QbQ3nJV2GxndkoYsLKEbzMzB-kWpVHkfFwqjaVvALVYMYGgVThloAidLW85TkCRSVKNP7gvccM5eEJQhH-T8H__tmP63R2ohsU8zHNGHn3wCqSDH2wn9F8T6YtncHdmRbVVrPq4gFGA_rI2Aqy2iTfaToaYYV6uZne3eNptriBAWwy7rxbVE4QUWSHIEbPSgcAV4RG_6MUl-qQUY-gYSjHDjbNBRX7mMe1BRZlpNiMIUkHR3bg8pRvPg&sds=2&rev=82182&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 24 Jul 2022 13:00:04 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3976 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jul 2023 13:00:05 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3976 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yt1CVAAJTocIu8ERAAgeOLNhoshtrcfLzIBpuQ&u=%7CI%2FgX21xYp18lcWP3QeoK0ZuTmjOVo1ZBglxFf%2BgKXVc%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNWAfGoXO4nLFqnE480YHVHx7mz-K5ZBShZo3Qw2eElHvXrl8_kUqWMNlc8EmsPkuImutrrm081vkA7SWGhGjyth0ZbWlYBNJZiBXRQgUg-Zuo2Pf3TVEtV3ITlH_BJRzAA0kz5ub6rs4lhVt2UxlfXCFWrINKv3TFn_rNxagrP7bPM0wopLoCW7w8NSEWwv_hIB6rl3bBpx98qeA70ohprWr8VV6YTWjz3sU-Gx1_lRGY31DGvOAJ604VTQyITYHUu4Y8ZIu8FeokcXE18y0I1nbpVDZonJr7KqeVUvmShmCUqH4ZCmYUx2h7ZZHqbCr6b_StA5C5yc9oKMt7xg4UgnqQLBGBki8JQXI5szbUy6Yipgty2SzmN2pCYqmV-dnxBKFjwmEGX35bU2KlLiSSLqb8ESHZjH3mRTXwssS9E3fthqTDTyOi1v6bcO1378bXP12TQca-60A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTeEsVELdYoedJZGC7_UPuLygqATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjOgAdW20uoDyAEJqQJcLBabbCKxPuACAKgDAaoEmAJP0MD30EbcimjOCRcdy6VGlJSMLf3Uq-71cCUlr3auoptx-jkMRRGh-2v5HumIq6GpebpJO6qpryY_uyWH_HCGy-X1Nd_X3tiktXWpPDc91nvMmmP6sc02VwHT_Eyn74j_pFA3SkmZWnHV6T_e1NFl5qRqwqD0-ruiMwwyV-oGCDJfW59NcDJ6jfLpNj_7ETUdb3Z5knGPA3bnsVfN8XP--oq7gF2X9EiOdPEA38SeGjjeAjfUgML792Aev2X_ehjPuEXucoybUGhzy03zu8V9rGge7U1nBFdi7vKI0hM1GdzOajHbWR9wXauPgVQTcOXBKTI79UyNKquaRnuguoOswUMccBxLQyrDFZNomkf6BBQ2Y8ydAYNe4AQBgAbu5cmhuMOa9dQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2hEqeQgrjgqgnBeqabeC52SCu4cQ%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 24 Jul 2022 13:00:05 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 19 Jul 2023 13:00:05 GMT
async_usersync
ib.adnxs.com/ Frame CA48 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.132 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 24 Jul 2022 13:00:05 GMT
X-Proxy-Origin
185.213.155.169; 185.213.155.169; 961.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
104bff7f-830c-4155-97fa-d7ffea9d611c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1F79 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072001&jk=851731270785019&bg=!8vGl8bXNAAacadVKvGk7ACkAdvg8Wo_TmRULQPzI8s-Y3-XLgVDk9IVeBxnkThePRuFYTGmYptcWEgIAAADCUgAAAANoAQcKAEdz3jot6H2h4odXFaeZV7t-RfUQbn2D9is6N5PXR2xjgyu9BWJOBooFVh1X81akNFTUQRNpGTY6TGHNSMuq3HlKOpQnPFvV5JkCsMAYP7TN9jnlyudWp5Ocqoe746YhmlpvEmb0dhxW2BS5I6nd71rNFa5toN9Znzvp4klvhUBM_AUmbwf_CUqs9FsHyUs4Uu9BWGiyKljXO878sJaIUyEoxqmWVdOzHw00NkPlYvGtujciRbgvfQjOi4bbz4aT0swBmLYcRjcxCsmFjtM4HpW-tigAqroG3GJ_ELWmL7W2aDec8MJKTEQxPMazCIxLYecYNMUSMM400bLdQAXkczdCjWQ4-BhZ4idiEBkBY23WMR2yoni3WHNkgpbFyV5mNw2vjAbMVqdLws9VZCz08lNLKB5NQh9pwQBjiKHvvIGFB2aWE4TAgOY1Mtf2jnugdffiyt8_3ekWfeq10NpKW0NssQ9pmbGKa-9YNx3GrWEYPNHg-tT9_S87j0oPIAagRPLj_bj4S-omfRS06bEqL4o2jJbGpE2M6qt4ddKZk3hUru_Zr7aluUjzpyrefnmZyaBznvP6E0ZdIDC8_G5q4th8wSh31Tm-j6d_3EZ5S0LwYs0k-WsZGqKASStBelaC3gymyVw7XTcNqg5HNYimmyuN_mNY1-0_wm8UQ7YxSMDHFTMvkPaFBtGLO5iDNBdixEWYxP5PZeGGaHWeJo2k9jNcsbrbGviB99Bw7r68_QkUKK-0p_kTuk61FtnoKo6K_4aeEIbACRkZ0zE0pxiNdLVclecDs9X-ToEIKJ8DkdOhH7JA-Wx8_fOIJFKJFVafE74UU35jb7VkWf4xjY5JQD2bwcgorW3u_Z8rMv6YFQVwzcdlenNWok0axTShleUgldBTXZpKL7lxkUzC6CiN6o4WBq48c9LpOFlvQg8JkjrQCN5YtmTJ2MvUuYZX6QbNuSD_9d62fJeLhvTOJsFLlKGSz-BHuHg6A4vik3z_MbIA3T4r_SxEXgLQB9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 77E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071901&jk=3429684262299286&bg=!VValVhLNAAacadVKvGk7ACkAdvg8WlRgGatSaTLcKXRESNZIFPw6tzM92qx5Jkiipclm4YhwoPH15gIAAADMUgAAAAJoAQeZArBazV_ONXgeJdKYs19njPo8TdZG-aun-xZsv_-Ahl86KNYM4v-CJivUlYrF5IxTkNRRsSHp3FNEibry4--cgi5dTFKeVnCbBsQOg-zvcJaSW56G2j0e7rEDIhx_wFrn0YCcJeCJoJyIB0FbWUBvB1z_0SPDNtxFULRwtDLXDviVt4iC8hRHVBnt4Z1BtXCBCTuVBhZrw-eaiqgPgFEXC1bHqXWtzMuHPMceWN2W58UQFoeSA76fdVZr1_pUlbzFhooASG9gH5X5GqCLhaho3L5LwjYBjWRIUPg1MXPpVHfvhyiOizubpXxqAwrZGJPdfcNCHor_egQHBY57fTmSIcG30083BraqL0XuGR-bSH4x7yBK3DCr9hLS899AuZyDHx1bDmJ3kjBKa3pYtuQDgy1RadekeDhrEpaiMuSoed_T0_Ox1O5XrUoqIpL1PZ0lFS1y5tkX7vTVJ9CXuIk6WoFUxy13XjLHA1qYs_qexQRTxHS6CPMkD-KLl-JzW3jLHaxsV_X3pUXnqZ3xTE-Ycf62zbvZI0Y7W-aXt7WS7xIR9UhiFOumu66bdY9mZxZ6nxp9F_JTQfYVS2M1udgNwsXoVwNFMjBpolgQXR4naw1U-tcfNv9kjnWrz2-YBizEu3_9itRBhH_wJu6jJU9qlaEoPohEVd0i6bjuE5U7XPzFUQraLreNPw-KggRSzAGPJG8a3bf-wsUILTGFW-JnY6iyYztiekV3d4d8-XGUSrT9-hWWds5PBJwa1zyRQ6wMJXnSyx-3tXKH8eAj-mVzN5_Zgb80zO3ZnzSxTNGvWNzLHqywq3ZSTQgR05BirLvRNXe7GLLrOvde5-3VtgZLQWC1UyoQ-uKw1fH6h1PQAfn8j6yidzDt4_M-VIePqoNFDVzExV8o_32Zd5nIDN0hZxP3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salat.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 58CE 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=99590a4c-e2c5-7f65-d2cb-99e3bc80108d&tv=%7Bc:jhZCuA,pingTime:5,time:5264,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:191%7D,%7Bpiv:0,vs:o,r:l,t:221%7D,%7Bpiv:100,vs:i,r:,t:261%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5003,o:261,n:221,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:191,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B44~1,0~0%5D,as:%5B44~970.250%5D%7D%7D,%7Bsl:o,t:221,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B40~0%5D,as:%5B40~970.250%5D%7D%7D,%7Bsl:i,t:261,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:242,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16*.925113%7C161%7C162%7C163%7C164%7C171%7C172%7C173%7C181%7C182%7C183%7C191%7C192%7C193%7C1a.925113%7C1a1%7C1a2,idMap:16*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:07 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 8917 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=25d48fb0-21a6-4d5f-5226-23cb5f8dc6b1&tv=%7Bc:jhZCyc,pingTime:5,time:5411,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:203%7D,%7Bpiv:0,vs:o,r:l,t:238%7D,%7Bpiv:99,vs:i,r:,t:410%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:410,n:238,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:203,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~1,0~0%5D,as:%5B45~300.250%5D%7D%7D,%7Bsl:o,t:238,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B172~0%5D,as:%5B172~300.250%5D%7D%7D,%7Bsl:i,t:410,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:99,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~75%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:192,fm:tcvCdTO+11%7C12%7C13%7C14%7C15%7C16.925113%7C161%7C162%7C163%7C164%7C165%7C171%7C172%7C173%7C174%7C181%7C182%7C183%7C184%7C191%7C192%7C193%7C1a*.925113%7C1a1%7C1a2%7C1a3,idMap:1a*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.167.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-167-117.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 24 Jul 2022 13:00:07 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEKAKMRqyAu2AL6iXg2U2XJQ&google_cver=1&google_push=AehlK4D1S0MlgpljzfsXyYFWGc1uft-cf0AJFOVRvFk_f5Dqm3SBbFO6ztOCX2Ruv6tRIt9HdvIXrYGWihMrd3xoSbTJMuelEyjGNg
Domain
sync.adaptv.advertising.com
URL
https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEEXMIrTGsFVAWYmLX3IDJbE&google_cver=1&google_push=AehlK4BnZ37gqRvDvz1Q93lY0XO3ijjCdGrn4_urCuHbwouqe43k7qlXBDL54BaBCuDb7uLjjbOQT6Xspd1OOVP7wdl69a1nBg0

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime string| __strip_step__ object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| _cbm function| postscribe object| google_tag_manager_external object| google_tag_manager object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _mgIntExchangeNews object| IdealmediaInfC1297439 boolean| mg_loaded_798910_1297439 object| apd_options string| GoogleAnalyticsObject function| ga number| _zaVerSnippet object| _zaq function| __za_api object| _0x57f5 function| _0x1e3c object| _vadHb object| vadprebid function| vadprebidChunk object| ADAGIO object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal boolean| fifabAlready function| fi_fab object| gaplugins object| gaData number| _zaVerWidget undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| onClickExcludes function| mgReject1297439 function| mgLoadAds1297439_03f50 function| IdealmediaCReject1297439 function| IdealmediaLoadGoods1297439_03f50 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint798910 string| _mgCanonicalUri object| _mgPageView798910 string| _mgPvid object| sas object| apntag object| _ADAGIO boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests object| fiUtils object| $waitOn object| $websitePrependInContent object| $backfillRefreshObserver object| $FIslowSelectors object| $stickyPlacements object| $InContentAutoSelector object| a function| owpbjsChunk object| owpbjs object| ucTag object| PWT object| OWT string| partnerName string| key object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117 object| google_image_requests

67 Cookies

Domain/Path Name / Value
salat.zahav.ru/ Name: strip_step
Value: 2
.zahav.ru/ Name: _cb
Value: BeojsZBwPGvOFs_aC
.zahav.ru/ Name: _chartbeat2
Value: .1658667600951.1658667600951.1.DNAsaIC2-9DTD3grj2DYAaRbBsWs98.1
.zahav.ru/ Name: _cb_svref
Value: null
salat.zahav.ru/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEw0YT1lgY4AUABSAEQ0YT1lgYYAA..
.adnxs.com/ Name: uuid2
Value: 2708738296228327942
.prebid.a-mo.net/ Name: __amc
Value: 1_1658667601_1658667601
.rubiconproject.com/ Name: khaos
Value: L5ZBV410-11-5H4L
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB3+qwDjseJXAj5APvdogVCbaTd6KyMQnau0RTcz8e+19bCeIFZGPIUHWRBtHX6iWJf5/9nfKKqvTiL5hAXvaZVpo2A6U/0n5lg=
.zahav.ru/ Name: _ga
Value: GA1.2.184288646.1658667601
.zahav.ru/ Name: _gid
Value: GA1.2.1916604735.1658667601
.zahav.ru/ Name: _gat_UA-4780630-1
Value: 1
salat.zahav.ru/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1297439%22%3A%7B%22page%22%3A1%2C%22time%22%3A1658667601401%7D%7D
cdn.firstimpression.io/ Name: OAID
Value: GDPR
.zahav.ru/ Name: vad-loc-code
Value: de
.doubleclick.net/ Name: IDE
Value: AHWqTUnK1cLShAEJTXwQJZLKOCJGcNm8yeYtmbsdfe7MndAcY24PPknWrZ076qprYnY
.zahav.ru/ Name: __gads
Value: ID=7c3aea37c07f289f:T=1658667601:S=ALNI_MZZZOAADELDFKp35TPM-adEuvI4zQ
.casalemedia.com/ Name: CMID
Value: Yt1CUnMdlz7abwNNqDfBqAAA
.casalemedia.com/ Name: CMPS
Value: 1143
.casalemedia.com/ Name: CMPRO
Value: 1143
.quantserve.com/ Name: d
Value: EGYBCQHYJoEA
.quantserve.com/ Name: mc
Value: 62dd4252-6add2-6b5c6-3da1e
.w55c.net/ Name: wfivefivec
Value: Ay65RPOI1OfBdg5
m.exactag.com/ Name: exactag_new_gk
Value: 5e78179f6cc54d3282606879a34e4c41%7c22.09.2022+13%3a00%3a02
m.exactag.com/ Name: exactag_new_uk
Value: 93288419e67a41829da91e1d01c664bd%7c
m.exactag.com/ Name: session_session
Value: d57e9a16dbd8427b96b6ed54
.3lift.com/ Name: tluid
Value: 2815370316190245790392
.w55c.net/ Name: matchgoogle
Value: 5
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5ddf9a0b-9fa3-47e7-8ad8-f780c79285db-003%22%7D
.simpli.fi/ Name: suid
Value: 2B5DE7F0A49D405E9450AB94AAF984AC
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22138D469D-FFFE-4998-B89E-199E24EB6B37%22%7D
.lijit.com/ Name: ljt_reader
Value: FB3sqGZH-OlxuttHQzWf7xqe
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~2670
.adform.net/ Name: uid
Value: 3982170131041398004
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Yt1CUgABRnVhUAA0
.yahoo.com/ Name: A3
Value: d=AQABBFJC3WICECywD_TVp8FIEJnacGzFBCkFEgEBAQGT3mLnYgAAAAAA_eMAAA&S=AQAAApFG4oclCKzwhEWICU41XBs
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bidswitch.net/ Name: tuuid
Value: 442f71d5-17b0-4c92-85e9-85befcae64dd
.bidswitch.net/ Name: c
Value: 1658667602
.bidswitch.net/ Name: tuuid_lu
Value: 1658667602
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-5ddf9a0b-9fa3-47e7-8ad8-f780c79285db-003%22%7D
.turn.com/ Name: uid
Value: 3911995480439717425
.bidswitch.net/ Name: google_push
Value: AehlK4DlQrw2w72AhOq5muH8SU2Kc423noyiDMi7CK9rmiu4kjMF4pSzb3v-d0rcpGLoiMLwQcxYloWob-JqHkItgTOIkOBtsDwL
.mathtag.com/ Name: uuid
Value: 1ebf62dd-4253-4300-8a16-70ac1f834775
.mathtag.com/ Name: mt_mop
Value: 4:1658667603
.criteo.com/ Name: uid
Value: f073ed03-a3cb-4879-8124-a1a3ef75c841
.creativecdn.com/ Name: u
Value: ZXPyV2KdM2fsUST8fIzP
.creativecdn.com/ Name: ts
Value: 1658667604
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2GUatD:#h!A#Ev.TOKKnyW<U1`VROYQM-:^DFyWSd(hKB%gi+]+@h@:>x(5M(.UWUIWhn/X%W#.wLP<6FISa`*%jd)5t?o2U:mb'-i(E%w`UH?u<39TILWVgVD5W=Xu*r^!Ak^3nXm/!9[$%%RP2/
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiJhYWQwOTlkY2YxNzc2MWQxMWQ3ZDViY2E0NjE0MDViYSIsImV4cGlyZXMiOiIyMDIyLTEwLTIyVDEzOjAwOjA0WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTA3LTI0VDEzOjAwOjA0WiJ9
.zahav.ru/ Name: cto_bundle
Value: 3MhEK19PeXIlMkZCSFlLSFNqQzFWTHJQcnZIbzVWc05PQ1M2M2FQZHl2UXVpWmI0RzhSaFZxV1ZTYXZSSGFBa1VwNGclMkZWTmRFYllEJTJCYlZORkR4eWRXMkxtYUZGTmtZdGp6UVFTcURobnVDQWl5dWoycUFtRVlpMHlMMjBRMElLbnFaY091aGxraUFCZ1kxMEolMkZWOUF3U2gwT2dmZyUzRCUzRA
.zahav.ru/ Name: cto_bidid
Value: vnAr2F9vZnp6UEtZeEJtRVljS2ZXbUFBSSUyQlhYJTJCQSUyRmZhZ2YxMzhpYiUyRlBWJTJCUSUyRjNOMVlYS2VhMGpqWDBFbVZDZEtvbWZKNnF6c2pFRGpyeFR5WjUyazRqUXlRS09aSWM2cDZIWVp1UWUlMkJqZU9pcmM0JTNE
ads.stickyadstv.com/ Name: UID
Value: 31b239938315f8254fd6ad27789a3ec6
ads.stickyadstv.com/ Name: sessionId
Value: 2ba419d5b9ab6f4c8af47f4e7bc1b
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&976cb5f2-4044-443f-80ec-3aed56563587"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTg2Njc2MDQ7MjswMjFHIWtq6j/LBzh+qhteYIaUjrEC+WxjhS6i402ArHoAvQ==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2397:u=1:x=1:i=1658667604:t=1658754004:v=2:sig=AQHIDpDjkTeu3VsIuHSSioEZq1C8I3FA"
.360yield.com/ Name: tuuid
Value: 9b0d2260-1506-4750-963d-ef925ab37b9c
.360yield.com/ Name: tuuid_lu
Value: 1658667604
.casalemedia.com/ Name: CMTS
Value: 5123
.amazon-adsystem.com/ Name: ad-id
Value: A-nCZgQi1Uvzh6OVtvTixME
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.spotxchange.com/ Name: audience
Value: 898ab9aa-0b50-11ed-91e9-18c6427b0506
.smilewanted.com/ Name: sw_user_params_infos
Value: uhu8qM9a1gZ5NAD6FePkBth%2F3dB32J6WBqyPEPAa3pKxO3KH2tTIFKqDWPBgIVFQ3poxwg6wkNS61b4%2BqmWDxZp2tsGu1wRrL98eW1CbPZdFjZAvLDp3JwrTF%2BKbNMQe7YRqcu%2BLk0oSN7ULIc9iGY2%2BZjyjXlcQRl3c3DYNabwf56w4B9718MbOqF6cukSIVe%2FBAbmQ4C23XfKFEpBF48fRT1gP1G4aoLzXCZt7A9y%2F4VzQgGEHT1BJ3OyviH7NJqpnsgDmOvpF0%2FSGe6EAgpslBLWdbiLAQJ0ABr4wY%2FiEScYMLmchSL1OPIV26CvL2w3rokySZ6MWsnRLt5bL0pyklrftY9VgOj1j30ItomrJzuOym9IXe%2F2H0Xv8%2BNHUugoeAjw3V2HKEhmKIslztitJug5MYVvb9eAAj7nQgKWSC6c5G00PJ%2FEO3H64NBIDiuuRpSOG3T2%2BJ25kw5YS4g%3D%3D

19 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071901.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://salat.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://salat.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://salat.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://salat.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://salat.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://salat.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://salat.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://salat.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://salat.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://salat.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://25423005de63fc98833252de3157339a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/15422582990587932682/160x600_EN/index.html".
network error URL: https://static.smilewanted.com/js/decode_consent/decode_consent.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEEXMIrTGsFVAWYmLX3IDJbE&google_cver=1&google_push=AehlK4BnZ37gqRvDvz1Q93lY0XO3ijjCdGrn4_urCuHbwouqe43k7qlXBDL54BaBCuDb7uLjjbOQT6Xspd1OOVP7wdl69a1nBg0
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
javascript warning URL: https://salat.zahav.ru/
Message:
The resource https://ecdn.firstimpression.io/static/js/prebidamp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://salat.zahav.ru/
Message:
The resource https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25423005de63fc98833252de3157339a.safeframe.googlesyndication.com
4529fd6dcc0bd2d88b48f5e37015a8e5.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
autocounter.idealmedia.io
b1h-euc1.zemanta.com
bidder.criteo.com
c.idealmedia.io
c1.adform.net
cat.fr.eu.criteo.com
cdn.connectad.io
cdn.firstimpression.io
cdn.idealmedia.io
cdn.jsdelivr.net
cdn.valuad.cloud
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
creativecdn.com
csm.eu.criteo.net
csync.smilewanted.com
d221oziut8gs4d.cloudfront.net
d2xerlamkztbb1.cloudfront.net
da76572e-964e-41ad-5eb1-41ad964eda76
date.zahav.ru
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
fastlane.rubiconproject.com
firstimpression-d.openx.net
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
image6.pubmatic.com
images.outbrainimg.com
images.wcdn.co.il
jsc.idealmedia.io
log.outbrainimg.com
m.exactag.com
mab.chartbeat.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mug.criteo.com
mv.outbrain.com
odb.outbrain.com
onetag-sys.com
outbid.firstimpression.io
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pm.w55c.net
pogoda.co.il
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.smilewanted.com
px.ads.linkedin.com
r.turn.com
rtb.fr.eu.criteo.com
rtb.openx.net
s-img.idealmedia.io
s.amazon-adsystem.com
s0.2mdn.net
salat.zahav.ru
script.4dex.io
securepubads.g.doubleclick.net
servicer.idealmedia.io
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.cloudflareinsights.com
static.criteo.net
static.smilewanted.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adaptv.advertising.com
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.teads.tv
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
google2waycm.netmng.com
prebid.smilewanted.com
sync.adaptv.advertising.com

103.229.205.242
104.16.199.73
104.16.221.74
104.18.18.126
104.18.19.126
104.22.69.131
104.92.74.8
13.248.245.213
142.250.184.226
142.250.185.66
142.250.186.130
142.250.186.166
143.204.101.193
143.204.215.50
143.204.89.74
147.75.85.234
151.101.114.132
151.101.193.108
151.101.194.49
169.50.137.184
172.217.18.2
178.250.0.157
178.250.0.160
178.250.0.162
178.250.0.165
18.156.0.31
18.157.156.229
18.66.122.74
18.66.97.73
184.24.1.49
185.184.8.90
185.64.189.112
185.64.190.78
185.86.137.110
185.89.211.132
185.94.180.126
2001:678:cb4:bbbb::11
205.185.216.42
209.54.182.161
213.19.147.44
213.202.235.8
213.227.153.221
23.213.161.68
2600:9000:214f:1200:8:48e:53c0:93a1
2600:9000:2156:c000:18:1fcd:351:7bc1
2602:803:c004:200::140
2606:4700:10::6816:37ce
2606:4700:20::681a:9a9
2606:4700:3036::6815:43eb
2606:4700:440e::ac40:9c1a
2606:4700::6810:5714
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1288:80:807::1
2a00:1450:4001:800::200e
2a00:1450:4001:806::2002
2a00:1450:4001:806::2014
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
2a02:2638::1c
2a02:2638::2
2a02:2638::3
2a02:2638::b
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::714
2a05:d018:d29:3601:2eab:9250:340e:ef2b
3.120.80.21
34.215.167.117
34.235.205.35
35.186.253.211
35.190.0.66
35.244.159.8
35.244.174.68
35.71.131.137
37.157.2.238
51.75.86.98
52.17.116.244
52.18.251.16
52.222.206.27
65.9.66.63
66.155.71.149
69.173.144.138
69.173.144.139
70.42.32.63
72.251.249.13
88.221.168.201
88.221.169.78
91.226.245.88
95.101.201.170
99.86.4.77
024717640ad967a61f6cf5a91d9df5db441f64bc7f9e851f4049db08e73309bd
03609c25a1b3a1840626aca9731cbe5ebcc690f8d03434735712a778604ad113
04848eb5656390dd6eb58c877e549a8866b1250e9b61cab5ad9160d391b5dad9
06c43cd4d63cf245c34604c4dfc0a591bb40d47e0f3926d2d1e12372c7041631
06e13e753ce02eb311a0491eada8d8671a0c4fa4f85d3b94bb78ed1d0aa76289
0791a886f260dd4dd927c3195dcd2fe6020d2e331b012e23b303b5e65b1befb6
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09ba7991a0f0d3e029beaa9c2e96a733a57bce30a35bd41a9aaf252b878aeff3
0a0ec47b9217be8ac6ebb13b10444bab66068ee7518acba1265c83e5182ef759
0ae7ed28c93b6bc2836eecd4dc929a8af3f30265c2eb5498d08975b24206fbcd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba1d900a333c483b142d186c7a6158dc89d909548886d7c878419397031e2e7
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cb0c9d7cd03ba597eaf7792af98f5bf8936d7c6ec8ee6f3d9d34bbb88ce6131
118e431908217d5c3e22c9cb3a19a2648ce672fdb76845fec182aca822fcae3c
1229849f6cc44e5d72764c6b571c8261cea9cb8efef7b603b7431dd41f8f13e3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146a64826cd7fdd7a02546901a50c199c7cd8bf2c3a87be4a051a269ab43da69
15e381ebe83f7072ae67473ceb1a2aab6d90aad977285f6f13e092b256341423
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183cb622027842b52bc16b48af8a422f960368ea64f0da08bfa4e0587047abbd
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687
1d27f89e2708b673850caa81118e9245c6afdd422358378e09ffecce4c26dece
209c9b2905c9d96ed7d132ffde83be8ae8172f2ed14098051875afda8d5d21e1
232d39c20eea11fea6e9839971995ed311699402a4f6c9c565850eec0f7847aa
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23bdce6e7aa2382b9856180813706f01431569c4a9eba6ba22a40eb672b76c94
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27e013ff151544c63612268d1350a2053ae7bffcbc2e33f61d61f92bfd6450b2
28b85e0edaf7df1b1c0ef9e28b6dde14c95340e80476f3b51f3650be645e9201
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2bd7efe2d385b55193c9408104767487c89a960d5f8fcb0263a6e9cc4763eb06
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2e95a6b972657e54305f6adbdffe9d5d781874939a389cbbe875b5821e6ebb11
2f80ab655d0ea82595864f91f12a2eba5834b24b5d485351c09de95b25cce52f
2fe69b2a3708b621cf5830e3323d0f74fc40e55b5d547978c30a323805c96c2d
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3128e33a72cd596b8fde273a1745cb656bc55014526ef1573c8ea249e495b42c
317a78901aba3fcb0994d31e9ad8a7a8f8e79ab3e36bb1ba041831ae15544682
323e9da799553a90b73be7680a7a145ab2e9c13f43b7346fa3877eda55ecbfa7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33c0b75f2fcea362daf13f94f08c562a307db5c32553f42b348011f3ca1d7ce0
353ab4401afa449d0cd020b591c8f2615d1d62f444b9420a89b347354e420f0a
35e01e133666a5a4c960e10f1dbd418ea9015fc03fdc760f6713c69a810633a4
36d08f25413c0421fdfa6d438de53f959cf896a31d05dd4ab648d1f12a88b64e
37dda462c57cb3b5cd0f263137150124067bbe2178bcd095128307bf0f3db602
39b82ef0856fbfc7f7a1000502de2357fee22bda7916dce35a4dc15e7e65c2ec
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c41a36dd76b44cc3920801530ab906e07ecbf50ab5e51512c116033fdf66269
3d34b2f2e02c7937501dd51255ee7900c9ec823f07b3d8d0fc19c5e242058cf9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3de2e9b2a41295bfbab79a12dbfd2e65ced5ae34238947b84726314f6a6db9bf
3e000cd23f80b9d053efb8bad2dc4a959b0a54e1cce90211acd5ed3f35e4dda7
3fd055f9b0f7d6baaec7f56e269c8dcd347f6680bbd4194c57ee590a46fdb95e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4041a609884c27d2179a894e9aef5a10c48597681acb955df78f0d7f0fb1e695
420a404edd22181e827986349c994e68c5c307d254bf896bf4baa3aa06343db6
42726af88425787c6df6808aeab623df3e44047bfb32912ecf28dd315ae74f09
444af905658249d525906ac563e3645e022071a653482bcfdfd867a40ea86fd4
461d107fc613d9f2192dc29ce8c55a4e7fae5015ea83f891a8eefc8a13015ec1
4715ad16485960a12cd014e491e9a07b0d14a2c061679622e1f6648724955721
4827447f252e6b8727c1b48f563bcc91b6ad515feabb4f23317e1ceb3553c288
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e75addbeb7a3b67f24e1f77a8d9de5e11baffd15195ca582fe9d943c20a4f6
4b584cbfbc86b9d2f78d44b342945b046a53c34d2a1e976b3a9db7217e564536
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d4fd3a487b5219eee3417fac0f4956bfcf115a99732a603eed477ae9f6c2602
4db6f187099bef79018157255edaa41fcd3de60d4e0c94655c8a45b807898260
4dd9a658d850e1e569d7743c4a724074c4b9deffa58cbb8deef79e6231a7a085
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51096b09c323b3c37944c61a06af57de405f7354e6c6b7fee2f0455ae039a17b
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
515fcf87781aef040a6758d637d17d941caf08ea469656259b5fc3745b832d41
52e06b46aa5a7d6df691720c8f4f437d3156cf418d0325cfabf92110a1561831
53ca978bce32715f830575bc71deae33a398f6edd9307fb4be9cc9495f740884
548b6b4ef2653a10f71029662a952ac90b82b87d411800b78bc4c083c8b85ddd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e5c1ca0926172cd8d958e20aceb765910d0b452f89c3ff053fc786b7aa864c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587e3d2fd326c201f7c5a9757aee27a90db9b48c256c8df29b00a885ef07082c
58e167733e4bd82786636e673a70d7e602f4fcf4841e3375fd1661cc0733e496
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5978ff27b2ea2c95abefefca52d591ac153475bf8a36c71969e9bd06fd5ab23b
5b0112ba37acf5ed463806b6c7a703b49676dd8fb59b27106ac94c902961a108
5b5964d5e4fd2ff53d33c5f1ea3f2ad3a14bcaa156fd20185dca1c26b57cc203
5bf509ecdef069f051b5c072cbd91fdce5df8cd8fdd32ce8e57f6d9245636d36
5ca25b92b6d09154501768badb186855c9cf9e1e39d43daab7fb25a42301a693
5cd27de2bd830715518dee2d1d3c81f83836ca247c59871e11f80d8c8e099691
5d51420a83d6e2ba11f4c07a6adf06c60b85d8441bc8ce1d0c6b4810132b2751
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5dcab82cafee4b90390d3cc71590cc2db89ded58fa50f5e81c77dda57bc639e4
5dd6d82d98b2306b1c86bfd9722f3f8b5525edc75c7965b7dbdd2bab2c74bdae
5e0193ce34cbadb5876a149e44a5cf4844f3ff897034b6e67127e7b395754977
5e4008f4ee1ae18c45c4a2e591f1cbedfa574cd8183d4dd9532e0d57670456cd
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5eae50f61bc5d236759611671bb2999991897dc3aa8afd97ed3cd29a231ceb59
5ed3b1a45272c6219956f399c6a4985142fa27446d7c9a75f91d7591960607bc
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5fd1bf99a751e844f628ed01b6d63fe152ceb80701bd71987baed47024c2d160
60531e79a8bcd2aea26e031d6c09a2da7ca3c074bea5d4585a5009d52e17f81c
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fed899d2665d064c8bd29c322821c681dc1c44f6188a73fb831482ae4cb68a
624f0494fca1a39f49b63bc119f7f76161c6cb1af4d6f8a34fd8ba627c195868
63c0bf6197d9c9bbe02f581ce48bfd22bd46f164e79d77eeba7c86fdedd29c4a
645af482628978e85ad44889c7e8fe1bcbde15c054c061babafd435a0a9d8de4
659aba74af795768d9d8d2ed688e49cd5f47d9425d5a1630329a845759b4591d
662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68727564309c61973bca34183a0dc1d4d6f2a29b0e94ce0b4fd856ad03a1ed4e
6c7ebbcd4e2fcd7051ea17c4a7ad41529f2c5053cb42179a50a3aacd02249e20
6cc561aee2db838bb493c64b9d1d66efbb56806d7ce9aa43c6d1603ca99f02d6
6ebfd4fb0595bd1cc9d26dc3a82977966b708a6dd4287b9fb9f7a383704d9cce
7194753094869fd71f108ce1f0e6e8d337435f706e17a4267bae4d9973ba7971
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e5bf85d2c5ae9d980dc64f915ea4bf570cd56272a1cb14fe6dadd3214f6c6b
735c58ee6fccefbac6a168403deb38170083705ff94e5457c7005e1afb6ec594
764898e4528201a12c5f89cabdf59d2a4fc81d69cdfa9850e2249bb7a08d2e56
7747eaa3f8f28a5808289cb6c49765af4048e0660c1d26e6c93f4882718a334a
7763f115296b9c762507eccfebe933cb911d2f7b9fb8ca5af69777f7e363de78
786e039e5d67e37cd528fcc1119effeb108df4eb860a06d92748306aef4d73fd
78904a47430206f2168510cae6370486a90ef7db834c8a533c9b6e6277d9a64e
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85
7a434aba1df5e9a117e0ea9db71da1e70901b10748b7545dd956935e2a7eaa9b
7a754c1cccac5b978b49a6e0061dfa05a554fd8be39789ed5a2c69c19d52492a
7f99cfc666f597f0d824cb2af5b4ccebb4438ff6c5c89a74d68db0a286ff62e9
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
812bf583b69091bd013eb8d5c24835a187c6e14d722ccc8afdf85d1b2c450cc0
838c330520b20c02cd611bc21cfe143ee07ed5df8a25d50be9b1c6c559be2053
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d98c58214039d8317f6519c1441b13d920e83988a58cfc51ea5dbcbe7094e0
893cfb4d8c1d7ef898902f1128407e3e23248cce089474ffd9de6cefc824d1fa
89bdf16061e7d6993f28e5afa3e77d2ab609272631a3c3f55ecace8191dce4b4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b0524148c5aa0789d2d7dc63fc2485cd5fa439f405424178900c526c84a982a
8c206ed7a05f8f7c87339fb729d985e0ce4bab5b615aae94db6878c341cae57f
8c44cc08f332947ebe5ec8cb106442319b98459d8f0d17e277c0543ad5ac2144
8c973fc683837b2b8c9392b6c4115c52f98b8c8c74242b0a2cafa677c60fa1f4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d93251c9dee8efd8db7b69ccc51c0b6ca0726f38693c369202ebb2459c459e0
8e7c73455a3092bb70bbdd2e99bb15aa34a44da5dbdddaf932e1197d17ea0db7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f3ebec9bb08596e00809b5ea2f5c0abab9060688ee762f5360d6bb27b36f49e
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90e3bc6ed5a172be081c1c9134dda1cd38751c7f16fa45b512820c69a4c9cb38
9180f589b3c6ace89b0d577f9bbc4d136d2fab3e2c19831caa0bd815f0702d83
921d70b41eaaf85f299bc6e960a810a3d362e548cd4d82b2b63a0ec7f7937ddf
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
93928f8b02f431a0a4ca5f36c894632b40ea82b31e3afb4ae24842b75f2bd3e6
944d20a52fe38b3e7755723735053cb665560c6e50bf3b236c9b7a591d42903a
9567d9c2d5012c7282f683ac1252b842adb1df2d5e17e16873bc53af5d8a3b52
95db6265c2c336d53707a24c7f8ccfcc921965c848f18bfc64988ddf4fdf8b75
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98a56ebbfe93676bb6349958afd6fc5a5c71d428b2090ce3963859a1f1193b04
9a914169751b5d6be1f49ee6ffa75344678d49590fc7274458d337448f3202da
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c0c3c81286fcacd652bc70b788af7de04ce5ad41fea7835d40fb4f266a6e765
9df6eeb6712aed2f872ba26de78f1b8e829f45eb33526f6d1d272414f48b70fa
9ecb4dcce240cb5b5e725e285667fa590b7f49a0fcad3403c63943f0d2f3ae4d
9fd09e5825f29e8f8e2869db4bb918bd78c61c156e4051f29bb5c5f4a2ffcd40
9fd2327c0977145ad39aa0a8363647e257a84b60c729ccf2fc495c4afe0996dd
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0088cec6ac2316dbb297b88ce40020a1ca450e5e20294035acdc4cabf67754c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b95607d3ea9371fb72c392e8ae3d77dd3a4a315cedacd47cbaa0d2b44a53b1
a49a38f404f63572d741df77e06dff826e77966d0d6d100a5ac5465865de7b24
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68cf86fec22694c8244ff9665ad817844d2dc8de3036c907df3383cbba8a719
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a794c5639534075e546b86b010f667ba3b5862e6a635cf8265a761a67d0ba6fd
a7a042ad9bc24164c61eab58ccbb2372e601cf79f1309a9066fed589ae3b02b2
aa6370e17335c4acdccdf146e0884e4a7d1b619ce0659b1dd52f5b191179686b
aa8500475817d5d0853ef45ff33b8d8396cd302bf681e395d0ab315d8a232d28
ad3a176bf19eed7e5145489ea6723082d5602f0bc81eb1d800c7345fd547081a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ade52bf7b58c936e0f37827e30236bebe18f3f5e27816d3dadeed7465c631d9e
ae1ee308eae3d5da06322eeba682b706063e3342df96f474b1331ca7b161e286
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3
af41628212503c246148904d2e76d573f19fc550cf7f4cc97ca8e003bcf23ef6
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1
b2ef051b98b84d82fe51a9468dddd00e020d78b74e9f504f02a27a480be97ed1
b3af94dbaf82dcb28d1c9ca2efe079cd98a19b491d6bc8ee5295756a1b6b5ada
b4fa6a0fa39bef38595f2e114d87033f13096b599a2ccbba9800a19b45311bbb
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b647a5805d102fffe0f2ffa6ce5e0a05eeb56b8b668746d647686f398ff94888
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b9b816856f2bedc02b906021742cc075b8d864a427c54b3c0eba3e659eac67b8
bae47f05fab735e5ccacfdd509725f17024d181e1a7208066b02df25ad3149f0
baf0b1f6135275d03c6a1ca7312ed3329de14b243b741bb7c4b232e62d0b12d7
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bceca3a77c72bf2cb182849e0298143df3931fe1251adc2d4cd2be1b75d9085e
bdf39a7fddcfb048c35c871282ce0f1de7866e18be3cf1353da9262b509fa0e4
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65
c095e8bb2c4bd17bd3b580faf8ac411551b1bc9751bc6774290755046cc16f4d
c17602e8e7a9b133730e25188ceb9d5e579dac68e5fc5946c5da727d783dcbcb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27b782df0cec7c8bea8329643e662e84c235c3c71317a4b6f1923a8077209c0
c3142554007fafd5f59287ca53207a818f3d5fb564e546e9e600123a47fcaade
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c43e4fe528c3b9421c0f7283bd7cc0d4771ec956de84369c1134dc6b0da9a5ce
c460736c4c044d62b251832921ea45b6a9c262eba4e8aa63bcf0645bc44067e8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9695b6a5395bcde3e07b63a72772ca2b69d329adb4d3d8d575011cde08ea33f
ca1b59edad594c473406b0d8c86ae35a4bced3eaaef9935f0012b90eb5ff62c0
cb0cac59cafcfa2cd1e57653986d3f1be16f913ff0fa8cc0343822bd7dff3aa4
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
cd6fbe741aaa07ac43be6bc163d84c377ccbd26f963c71a9e3f8aba330cd7128
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0047b9e47197b6e4fc8377caa86fb9736408379bc1a6c1da998c87cc5961bd2
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d25b470928984e737126b7d9718a4217c2acfbc03314ae65fa2de9c63dea6092
d36894b7558cd996e47abd661bcb1aed6429f8c0dffba4b4cffd9b7918b3816c
d47b5245063e16f813dbf9027334057dba129d0676a31465ec93569ed236802b
d592c87184fd9953afc6fce5e6ade6e09d6831e3644951cd44e03f7fef164b85
d5cb8f53fe4a979a223d4c02094bd9d8c736fdcc00396abbf9422f7bc4f53c82
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d6d69a2b5e7c295f2272cd3f57bad7890ec993c5b15f4da7beac97a5d2447de0
d6ed351a09455ecc06e1aa032021dbb4cad7824b6a0a2c4a259fdaca200c4c14
d765dbce936411395a2e3b703094f831d15f709b5611abe1a5260a97c6ae2266
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da4a76da2f7b8699744313947182d57adebfbea051b931c01df1f73e41d5ff33
db6c041090aeea21277457555b53bb522cdeb9c6684f95d5085ed903cd9bc7c5
dca92c997ac71e1af82f261f898d2c87405b6ff23e60afe2abb10848981edb6b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de47686008f84ef74616c8b12a66b97989cab2603260e4c2eb3ceedf2dee89fe
ded0c11f04f5ab6678e0f8bfb4257f642be20685d63516c654e1541d74c1d8a7
df82103964af79600d60bc2deec44a4910a3435e07325b82f9ce86d6d0489361
e10cd660b15acaf2d6f6cd2d38cf042b4d2a724bb62f51c6bb75c1ac85b193ba
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0340c3bfad8cbb5a5fd678d4764a09007adda01e47d03f13de6edfb0ea222
e56d4cfa517f5ea7e3dfe08628a062bee69ff18b96dedeadb0b6c130bf305107
e6465e575b87cc0e13f3cf2751f204587eeb85bddffe875a290c37af89788012
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e791fee39bda4f5c786428a56c3e3c31d3bd81a4b87b7ce297440c08a451c454
e7d159484068d41014e7979c58712a67963443c46f24c58db30418956d6bf2e3
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
eadf1686562c30358f0213b47326487c7ef7daa97b57ec5f9090e9a3bf70fbbd
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb51cd9aa2f7045cbaf18d6f211e0018f379c29cf9d8de114828929b56696c17
ebe404ff7f3ac7c25c55e4d8459d5fb7d1084de6f770852251235eaa52556d77
ec2415ed9d7875a4301e8c2f911a3c9b6638a72780b67c668416e17b1536db9d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed72b753b65a621eb94b290cd55834191051d53d9eaac856574a0d046bc85bc9
ed9254afaff11a9b04aa8cef4f12554aed8a15bb30793e1b91fe6b4ebda76409
edcf37f06edaa8bb1d803af6f0e43f5b145307004583d8f7fe32de8fcfa14754
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0efcdeeb70aee0e9a522dc1f5ac5ff7be8f5ebab6415ede07ac1518d9177648
f413856ff75bc4ed694c009a64bb22a4690ae4e94b1224c5cb890f848f8e374c
f43f3d15e2d182497e5e5f56fdf022ee445f1d1493b67a33cb33d8ebe2a71c90
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6b10140afb74574fc4650a28a7a662b6a2ca7a24fa11207898a5836baf6f14c
f7488b3bd575c3a1566d8318c76f549d3f021f4c55561bc478ecde5e4174103d
f7fb777f4c0717a6398647b9e78a227d87fb552c47691c358f38b6af4c9bae5a
f82903ee891c5531102f6e8f78466541e7d68aa4d668820d894dc9d6a6afb398
f90d7eb38129dcb951882e87003277209e1c97adf53cc365ff43b83c8aad9d9c
fa9efa00a715700d9dd94213288ca6924c7057dd521206c6d88b314bf096d788
fc010d885e0099b26383a796194c1859190aafa47f2e4a955a180d968f1d5d33
fcdfe9568032a27829212f442cf37b0e06f80a44b8e54816a5dbe90e503dbf43
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
fdd382a54c3702e99ae240df883b63d3b291116f0887e2c8fff832c11b7680c8
feeb7a791a71ff0e704608b628731b0d103464cf805de0ed057a69ef3c717782