urlscan.io logo urlscan.io
SecurityTrails logo

www.zahav.ru Open in urlscan Pro
13.225.78.62  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.zahav.ru/
Effective URL: https://www.zahav.ru/
Submission: On January 30 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 104 IPs in 13 countries across 78 domains to perform 892 HTTP transactions. The main IP is 13.225.78.62, located in United States and belongs to AMAZON-02, US. The main domain is www.zahav.ru. The Cisco Umbrella rank of the primary domain is 732565.
TLS certificate: Issued by R3 on December 8th 2022. Valid for: 3 months.
This is the only time www.zahav.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.225.78.111 16509 (AMAZON-02)
19 13.225.78.62 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:230... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
7 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
33 2a00:1450:400... 15169 (GOOGLE)
1 205.185.216.42 20446 (STACKPATH...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
32 193.150.127.23 56839 (DABLTECH)
13 91.226.245.88 56839 (DABLTECH)
7 2.18.85.96 16625 (AKAMAI-AS)
1 100.26.19.24 14618 (AMAZON-AES)
10 2a09:7c44::22c9 44477 (STARK-IND...)
8 13.224.189.40 16509 (AMAZON-02)
1 13.224.189.103 16509 (AMAZON-02)
12 13.32.110.7 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 65.9.84.231 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 172.217.19.102 15169 (GOOGLE)
1 13.224.194.34 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 13.225.78.118 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
6 199.232.18.132 54113 (FASTLY)
2 2.18.84.208 16625 (AKAMAI-AS)
2 54.78.253.158 16509 (AMAZON-02)
2 2a04:4e42:200... 54113 (FASTLY)
11 70.42.32.127 22075 (AS-OUTBRAIN)
9 34.251.153.76 16509 (AMAZON-02)
14 2602:803:c003... 26667 (RUBICONPR...)
3 8 104.18.33.19 13335 (CLOUDFLAR...)
5 185.64.189.112 62713 (AS-PUBMATIC)
5 19 37.252.171.85 29990 (ASN-APPNEX)
7 35.244.159.8 15169 (GOOGLE)
1 213.19.147.43 26120 (RHYTHMONE)
10 23.62.221.169 16625 (AKAMAI-AS)
5 13.224.103.22 16509 (AMAZON-02)
1 9 104.22.68.131 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 213.227.153.223 60781 (LEASEWEB-...)
1 2a02:2638:1::1a 44788 (ASN-CRITE...)
4 9 51.75.86.98 16276 (OVH)
1 52.206.83.201 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
106 2a00:1450:400... 15169 (GOOGLE)
1 83 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
3 2a02:2638:1::4 44788 (ASN-CRITE...)
27 2a02:2638::3 44788 (ASN-CRITE...)
3 178.250.2.148 44788 (ASN-CRITE...)
5 2a02:2638::21 44788 (ASN-CRITE...)
12 2a02:2638::c 44788 (ASN-CRITE...)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638::2 44788 (ASN-CRITE...)
12 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 6 52.51.7.182 16509 (AMAZON-02)
22 76 142.250.180.226 15169 (GOOGLE)
10 22 185.80.39.216 27381 (CASALE-MEDIA)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
91 2a00:1450:400... 15169 (GOOGLE)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 35.190.0.66 15169 (GOOGLE)
5 5 185.64.190.78 62713 (AS-PUBMATIC)
4 7 69.173.144.138 26667 (RUBICONPR...)
6 6 52.213.117.117 16509 (AMAZON-02)
5 5 213.19.147.45 26120 (RHYTHMONE)
2 4 2001:678:cb4:... 56396 (AMOBEE)
1 3 2620:116:800d... 16509 (AMAZON-02)
4 3.33.220.150 16509 (AMAZON-02)
2 2 35.186.193.173 15169 (GOOGLE)
4 4 3.67.59.246 16509 (AMAZON-02)
2 2 34.239.109.150 14618 (AMAZON-AES)
5 5 37.157.2.234 198622 (ADFORM)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2600:9000:214... 16509 (AMAZON-02)
10 172.217.18.2 15169 (GOOGLE)
1 85.14.248.71 24961 (MYLOC-AS ...)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
1 35.186.253.211 15169 (GOOGLE)
4 5 72.251.249.13 32475 (SINGLEHOP...)
14 2600:1f18:1ac... 14618 (AMAZON-AES)
5 5 13.248.245.213 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
2 2 3.126.56.137 16509 (AMAZON-02)
1 1 185.29.132.241 30419 (MEDIAMATH...)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.2.146 44788 (ASN-CRITE...)
1 2.18.36.181 16625 (AKAMAI-AS)
2 104.18.36.94 13335 (CLOUDFLAR...)
2 23.47.106.229 16625 (AKAMAI-AS)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 67.220.226.232 16509 (AMAZON-02)
3 5 52.46.143.56 16509 (AMAZON-02)
1 1 37.252.171.21 29990 (ASN-APPNEX)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 72.251.241.204 32475 (SINGLEHOP...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 2.16.238.20 20940 (AKAMAI-ASN1)
1 3.69.128.123 16509 (AMAZON-02)
1 8.2.108.194 46636 (NATCOWEB)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 185.86.139.106 201081 (SMARTADSE...)
892 104
1    13.225.78.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-111.fra2.r.cloudfront.net
www.zahav.ru
19    13.225.78.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-62.fra2.r.cloudfront.net
www.zahav.ru
12    2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:2304:5c00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2606:4700:20::681a:6a4 (United States)

ASN13335 (CLOUDFLARENET, US)
mignews.com
1    2606:4700:10::6816:e96 (United States)

ASN13335 (CLOUDFLARENET, US)
www.9tv.co.il
1    2606:4700:20::681a:d9c (United States)

ASN13335 (CLOUDFLARENET, US)
nep.detaly.co.il
1    2a02:26f0:3500:593::f33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
c.files.bbci.co.uk
7    2606:4700::6810:dd4a (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
servicer.idealmedia.io
autocounter.idealmedia.io
cm.idealmedia.io
4    2606:4700:3034::ac43:b6f4 (United States)

ASN13335 (CLOUDFLARENET, US)
pogoda.co.il
33    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
1    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
32    193.150.127.23 (Israel)

ASN56839 (DABLTECH, IL)
doska.zahav.ru
13    91.226.245.88 (Israel)

ASN56839 (DABLTECH, IL)
PTR: dabltech.co.il
date.zahav.ru
7    2.18.85.96 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-85-96.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    100.26.19.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-26-19-24.compute-1.amazonaws.com
ping.chartbeat.net
10    2a09:7c44::22c9 (Meppel, Netherlands)

ASN44477 (STARK-INDUSTRIES, GB)
freecurrencyrates.com
8    13.224.189.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-40.fra2.r.cloudfront.net
images.wcdn.co.il
1    13.224.189.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-103.fra2.r.cloudfront.net
ecdn.analysis.fi
12    13.32.110.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-7.vie50.r.cloudfront.net
ecdn.firstimpression.io
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    65.9.84.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-84-231.ams1.r.cloudfront.net
d2xerlamkztbb1.cloudfront.net
4    2a00:1450:400d:804::2014 (Ireland)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    172.217.19.102 (United States)

ASN15169 (GOOGLE, US)
PTR: muc03s07-in-f102.1e100.net
ad.doubleclick.net
1    13.224.194.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-34.fra2.r.cloudfront.net
d221oziut8gs4d.cloudfront.net
1    2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
16    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
7    13.225.78.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-118.fra2.r.cloudfront.net
cdn.firstimpression.io
8    2606:4700::6810:c749 (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.idealmedia.io
6    199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)
odb.outbrain.com
mv.outbrain.com
2    2.18.84.208 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-84-208.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    54.78.253.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
tag.escalated.io
2    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
11    70.42.32.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
mcdp-nydc1.outbrain.com
9    34.251.153.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
tracking1.firstimpression.io
14    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
8    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
19    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
firstimpression-d.openx.net
u.openx.net
1    213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
10    23.62.221.169 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-221-169.deploy.static.akamaitechnologies.com
images.outbrainimg.com
5    13.224.103.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-22.zrh50.r.cloudfront.net
outbid.firstimpression.io
9    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1h-euc1.zemanta.com
1    2a02:2638:1::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
9    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    52.206.83.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-83-201.compute-1.amazonaws.com
hb.minutemedia-prebid.com
4    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
7    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
17    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
ffc13fe933f5196d3afbf06344ee7d5c.safeframe.googlesyndication.com
a74e63c6efbe6f16f103d9d7d15d0b0a.safeframe.googlesyndication.com
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
fe57972bc97691b997752e012384b7bd.safeframe.googlesyndication.com
106    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
83    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
3    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
27    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
5    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
12    2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
13    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
12    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
12    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    52.51.7.182 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-7-182.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
fw.adsafeprotected.com
76    142.250.180.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s34-in-f2.1e100.net
cm.g.doubleclick.net
22    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
6    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
91    2a00:1450:400d:805::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
5    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    52.213.117.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-117-117.eu-west-1.compute.amazonaws.com
match.360yield.com
ice.360yield.com
5    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    3.67.59.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-59-246.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    34.239.109.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-109-150.compute-1.amazonaws.com
ads.avct.cloud
5    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
6    2600:9000:214f:0:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
10    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
googleads4.g.doubleclick.net
1    85.14.248.71 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
5    72.251.249.13 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
14    2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
5    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    2a05:d018:d29:3605:d10d:341f:58cf:383f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2.18.36.181 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-36-181.deploy.static.akamaitechnologies.com
acdn.adnxs.com
2    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    23.47.106.229 (Marseille, France)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-106-229.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    67.220.226.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    2.16.238.20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-20.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    3.69.128.123 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-128-123.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
2    185.86.139.106 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
Apex Domain
Subdomains		 Transfer
206 googlesyndication.com
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
ffc13fe933f5196d3afbf06344ee7d5c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
a74e63c6efbe6f16f103d9d7d15d0b0a.safeframe.googlesyndication.com
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
fe57972bc97691b997752e012384b7bd.safeframe.googlesyndication.com
1 MB
135 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
ad.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 211
static.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 325
1 MB
91 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 283
1 MB
65 zahav.ru
www.zahav.ru — Cisco Umbrella Rank: 732565
doska.zahav.ru — Cisco Umbrella Rank: 690614
date.zahav.ru — Cisco Umbrella Rank: 645621
1 MB
44 criteo.net
static.criteo.net — Cisco Umbrella Rank: 647
csm.eu.criteo.net — Cisco Umbrella Rank: 7891
pix.eu.criteo.net — Cisco Umbrella Rank: 7989
347 KB
33 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 23751
cdn.firstimpression.io — Cisco Umbrella Rank: 24152
tracking1.firstimpression.io — Cisco Umbrella Rank: 84060
outbid.firstimpression.io — Cisco Umbrella Rank: 52985
828 KB
30 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 472
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416
21 KB
27 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 454
pixel.rubiconproject.com — Cisco Umbrella Rank: 308
eus.rubiconproject.com — Cisco Umbrella Rank: 537
token.rubiconproject.com — Cisco Umbrella Rank: 548
20 KB
26 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 716
fw.adsafeprotected.com — Cisco Umbrella Rank: 764
static.adsafeprotected.com — Cisco Umbrella Rank: 616
dt.adsafeprotected.com — Cisco Umbrella Rank: 557
295 KB
24 gstatic.com
www.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn0.gstatic.com
fonts.gstatic.com
328 KB
24 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1279
widget-pixels.outbrain.com — Cisco Umbrella Rank: 3116
odb.outbrain.com — Cisco Umbrella Rank: 1529
mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5415
mv.outbrain.com — Cisco Umbrella Rank: 2818
182 KB
23 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
5 KB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
acdn.adnxs.com — Cisco Umbrella Rank: 534
secure.adnxs.com — Cisco Umbrella Rank: 409
38 KB
17 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 730
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12826
ads.eu.criteo.com — Cisco Umbrella Rank: 7817
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9740
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173
gum.criteo.com — Cisco Umbrella Rank: 388
mug.criteo.com — Cisco Umbrella Rank: 2753
124 KB
15 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 76519
c.idealmedia.io — Cisco Umbrella Rank: 65002
servicer.idealmedia.io — Cisco Umbrella Rank: 74672
s-img.idealmedia.io — Cisco Umbrella Rank: 64789
autocounter.idealmedia.io — Cisco Umbrella Rank: 76461
cm.idealmedia.io — Cisco Umbrella Rank: 21114
200 KB
12 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 358
251 KB
12 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 463
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 450
image6.pubmatic.com — Cisco Umbrella Rank: 733
156 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
555 KB
10 outbrainimg.com
images.outbrainimg.com — Cisco Umbrella Rank: 2217
86 KB
10 freecurrencyrates.com
freecurrencyrates.com — Cisco Umbrella Rank: 264972
151 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 725
2 KB
9 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 4103
prebid.smilewanted.com Failed
static.smilewanted.com — Cisco Umbrella Rank: 10320
18 KB
8 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 902
s.amazon-adsystem.com — Cisco Umbrella Rank: 271
6 KB
8 openx.net
firstimpression-d.openx.net — Cisco Umbrella Rank: 79745
u.openx.net — Cisco Umbrella Rank: 640
rtb.openx.net — Cisco Umbrella Rank: 1634
1 KB
8 google.de
www.google.de — Cisco Umbrella Rank: 5986
adservice.google.de — Cisco Umbrella Rank: 8741
2 KB
8 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 116772
78 KB
6 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2166
ice.360yield.com — Cisco Umbrella Rank: 1956
2 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 274
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 414
3 KB
5 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 329
2 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 592
3 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 568
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 281
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 304
1 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 748
r.turn.com — Cisco Umbrella Rank: 3187
2 KB
4 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1392
sync.1rx.io — Cisco Umbrella Rank: 507
2 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 76466
122 B
4 pogoda.co.il
pogoda.co.il — Cisco Umbrella Rank: 503207
11 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1733
2 KB
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 632
1 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12230
1 KB
3 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2918
310 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1457
mab.chartbeat.com — Cisco Umbrella Rank: 2203
25 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1343
417 B
2 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4907
sync-eu.connectad.io — Cisco Umbrella Rank: 3275
874 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 518
728 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 577
cdn.indexww.com — Cisco Umbrella Rank: 1508
2 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 556
900 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 767
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 3490
890 B
2 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 31320
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905
1 KB
2 zemanta.com
b1h-euc1.zemanta.com — Cisco Umbrella Rank: 23517
293 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2192
25 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 359
10 KB
2 escalated.io
tag.escalated.io — Cisco Umbrella Rank: 28308
30 KB
2 cloudfront.net
d2xerlamkztbb1.cloudfront.net
d221oziut8gs4d.cloudfront.net
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 21
20 KB
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 4625
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 502
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 629
616 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 9391
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1283
283 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2151
420 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 353
709 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1401
586 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1836
173 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 453
863 B
1 exactag.com
m.exactag.com — Cisco Umbrella Rank: 12387
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
1010 B
1 minutemedia-prebid.com
hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3489
405 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 29307
2 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1217
201 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
64 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111123
245 KB
1 bbci.co.uk
c.files.bbci.co.uk — Cisco Umbrella Rank: 80088
115 KB
1 detaly.co.il
nep.detaly.co.il — Cisco Umbrella Rank: 790429
97 KB
1 9tv.co.il
www.9tv.co.il — Cisco Umbrella Rank: 425163
292 KB
1 mignews.com
mignews.com — Cisco Umbrella Rank: 370459
48 KB
892 78
Domain Requested by
106 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.zahav.ru
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.gstatic.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
91 s0.2mdn.net www.zahav.ru
s0.2mdn.net
83 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
tpc.googlesyndication.com
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
www.zahav.ru
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
cdn.ampproject.org
s0.2mdn.net
76 cm.g.doubleclick.net 22 redirects googleads.g.doubleclick.net
www.zahav.ru
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
33 securepubads.g.doubleclick.net www.googletagservices.com
www.zahav.ru
ecdn.firstimpression.io
securepubads.g.doubleclick.net
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
32 doska.zahav.ru www.zahav.ru
doska.zahav.ru
27 static.criteo.net ads.eu.criteo.com
static.criteo.net
cdn.valuad.cloud
22 dsum-sec.casalemedia.com 10 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
20 www.zahav.ru 1 redirects www.zahav.ru
19 ib.adnxs.com 5 redirects ecdn.firstimpression.io
cdn.valuad.cloud
googleads.g.doubleclick.net
acdn.adnxs.com
csync.smilewanted.com
16 www.google.com www.zahav.ru
tpc.googlesyndication.com
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
14 dt.adsafeprotected.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
www.zahav.ru
14 fastlane.rubiconproject.com ecdn.firstimpression.io
cdn.valuad.cloud
13 date.zahav.ru www.zahav.ru
date.zahav.ru
12 www.gstatic.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
12 cdn.ampproject.org securepubads.g.doubleclick.net
12 pix.eu.criteo.net ads.eu.criteo.com
12 ecdn.firstimpression.io www.zahav.ru
ecdn.firstimpression.io
12 www.googletagservices.com www.zahav.ru
76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
11 mcdp-nydc1.outbrain.com widgets.outbrain.com
10 googleads4.g.doubleclick.net www.zahav.ru
10 googleads.g.doubleclick.net 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
pagead2.googlesyndication.com
10 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10 images.outbrainimg.com www.zahav.ru
10 freecurrencyrates.com www.zahav.ru
9 onetag-sys.com 4 redirects cdn.valuad.cloud
www.zahav.ru
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
9 tracking1.firstimpression.io ecdn.firstimpression.io
8 s-img.idealmedia.io www.zahav.ru
8 images.wcdn.co.il www.zahav.ru
7 pixel.rubiconproject.com 4 redirects www.zahav.ru
csync.smilewanted.com
7 adservice.google.com securepubads.g.doubleclick.net
7 adservice.google.de securepubads.g.doubleclick.net
7 csync.smilewanted.com 1 redirects cdn.valuad.cloud
csync.smilewanted.com
7 cdn.firstimpression.io ecdn.firstimpression.io
6 static.adsafeprotected.com pixel.adsafeprotected.com
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
6 encrypted-tbn0.gstatic.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
6 widgets.outbrain.com www.zahav.ru
widgets.outbrain.com
5 s.amazon-adsystem.com 3 redirects www.zahav.ru
ssum-sec.casalemedia.com
5 eb2.3lift.com 5 redirects
5 ap.lijit.com 4 redirects csync.smilewanted.com
5 c1.adform.net 5 redirects
5 match.360yield.com 5 redirects
5 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
5 image6.pubmatic.com 5 redirects
5 csm.eu.criteo.net ads.eu.criteo.com
5 outbid.firstimpression.io ecdn.firstimpression.io
5 firstimpression-d.openx.net ecdn.firstimpression.io
5 hbopenbid.pubmatic.com ecdn.firstimpression.io
4 token.rubiconproject.com 4 redirects
4 gum.criteo.com 2 redirects static.criteo.net
4 fw.adsafeprotected.com 2 redirects www.zahav.ru
4 x.bidswitch.net 4 redirects
4 match.adsrvr.org 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
www.zahav.ru
ssum-sec.casalemedia.com
4 encrypted-tbn2.gstatic.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
4 static.doubleclick.net 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
4 odb.outbrain.com widgets.outbrain.com
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
4 pogoda.co.il www.zahav.ru
3 aax-eu.amazon-adsystem.com 2 redirects www.zahav.ru
3 mug.criteo.com www.zahav.ru
3 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
3 cms.quantserve.com 1 redirects 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
3 sync.1rx.io 3 redirects
3 ads.travelaudience.com 3 redirects
3 dclk-match.dotomi.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
3 cat.nl.eu.criteo.com ads.eu.criteo.com
3 ads.eu.criteo.com 76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
3 htlb.casalemedia.com ecdn.firstimpression.io
cdn.valuad.cloud
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 creativecdn.com 2 redirects
2 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
2 ups.analytics.yahoo.com 2 redirects
2 sync-tm.everesttech.net 2 redirects 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
2 um.simpli.fi 2 redirects
2 a.tribalfusion.com 1 redirects 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
2 ads.avct.cloud 2 redirects
2 gcm.ctnsnet.com 2 redirects
2 r.turn.com www.zahav.ru
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 pixel.adsafeprotected.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
2 b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 rtb.nl.eu.criteo.com www.zahav.ru
2 static.smilewanted.com csync.smilewanted.com
2 76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 b1h-euc1.zemanta.com cdn.valuad.cloud
www.zahav.ru
2 u.openx.net cdn.valuad.cloud
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 mv.outbrain.com widgets.outbrain.com
2 cdn.jsdelivr.net ecdn.firstimpression.io
cdn.valuad.cloud
2 tag.escalated.io ecdn.firstimpression.io
tag.escalated.io
2 ads.pubmatic.com jsc.idealmedia.io
cdn.valuad.cloud
2 cm.idealmedia.io jsc.idealmedia.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 jsc.idealmedia.io www.zahav.ru
jsc.idealmedia.io
2 static.chartbeat.com www.zahav.ru
1 ice.360yield.com 1 redirects
1 sync-eu.connectad.io cdn.connectad.io
1 cdn.connectad.io csync.smilewanted.com
1 us.ck-ie.com csync.smilewanted.com
1 match.sharethrough.com csync.smilewanted.com
1 ads.stickyadstv.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ad4m.at ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 s.company-target.com 1 redirects
1 secure.adnxs.com 1 redirects
1 px.ads.linkedin.com www.zahav.ru
1 fe57972bc97691b997752e012384b7bd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 js-sec.indexww.com cdn.valuad.cloud
1 acdn.adnxs.com cdn.valuad.cloud
1 dsp.adfarm1.adition.com 1 redirects
1 tr.blismedia.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 rtb.openx.net 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
1 m.exactag.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
1 s.tribalfusion.com www.zahav.ru
1 fonts.googleapis.com 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.zahav.ru
1 a74e63c6efbe6f16f103d9d7d15d0b0a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ffc13fe933f5196d3afbf06344ee7d5c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 hb.minutemedia-prebid.com cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 tag.1rx.io ecdn.firstimpression.io
1 autocounter.idealmedia.io www.zahav.ru
1 widget-pixels.outbrain.com www.zahav.ru
1 servicer.idealmedia.io jsc.idealmedia.io
1 c.idealmedia.io jsc.idealmedia.io
1 www.google.de www.zahav.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 d221oziut8gs4d.cloudfront.net d2xerlamkztbb1.cloudfront.net
1 ad.doubleclick.net www.zahav.ru
1 d2xerlamkztbb1.cloudfront.net www.zahav.ru
1 ecdn.analysis.fi www.zahav.ru
1 ping.chartbeat.net www.zahav.ru
1 mab.chartbeat.com static.chartbeat.com
1 www.googletagmanager.com www.zahav.ru
1 cdn.valuad.cloud www.zahav.ru
1 c.files.bbci.co.uk www.zahav.ru
1 nep.detaly.co.il www.zahav.ru
1 www.9tv.co.il www.zahav.ru
1 mignews.com www.zahav.ru
0 prebid.smilewanted.com Failed cdn.valuad.cloud
892 144
Subject Issuer Validity Valid
zahav.ru
R3		 2022-12-08 -
2023-03-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.mignews.com
E1		 2022-12-26 -
2023-03-26		 3 months crt.sh
*.9tv.co.il
E1		 2023-01-04 -
2023-04-04		 3 months crt.sh
*.detaly.co.il
E1		 2022-12-19 -
2023-03-19		 3 months crt.sh
www.bbc.co.uk
GlobalSign RSA OV SSL CA 2018		 2022-10-17 -
2023-11-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
valuad.cloud
E1		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
doska.zahav.ru
R3		 2022-12-18 -
2023-03-18		 3 months crt.sh
date.zahav.ru
R3		 2023-01-28 -
2023-04-28		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
www.freecurrencyrates.com
R3		 2023-01-21 -
2023-04-21		 3 months crt.sh
*.wcdn.co.il
Amazon		 2022-04-27 -
2023-05-25		 a year crt.sh
analysis.fi
Amazon		 2022-11-03 -
2023-12-02		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.escalated.io
Go Daddy Secure Certificate Authority - G2		 2023-01-03 -
2024-02-04		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-29		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-04 -
2023-03-31		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
hb.minutemedia-prebid.com
Amazon		 2023-01-04 -
2024-02-03		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-19 -
2023-03-24		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-15		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-13 -
2023-04-17		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh

This page contains 98 frames:

Primary Page: https://www.zahav.ru/
Frame ID: D3C3279E4E1025BB5E22C04E1EAD6B47
Requests: 159 HTTP requests in this frame

Frame: https://www.zahav.ru/currency
Frame ID: 47B7C07001B165FC7FD4944504287C68
Requests: 12 HTTP requests in this frame

Frame: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Frame ID: 888A138A6C515731758474D4A4CA53D0
Requests: 15 HTTP requests in this frame

Frame: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Frame ID: D573A2CFD0C5EC3DDC211899F88400A3
Requests: 17 HTTP requests in this frame

Frame: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Frame ID: 46E49422EF36391B2818363E390E7D7E
Requests: 7 HTTP requests in this frame

Frame: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Frame ID: F3E6FDCF6A59192430AC2BC1FD19A571
Requests: 6 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1675089944912686652047
Frame ID: FC60B00C87F09C392B06DA19CD9D2D5D
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 9AC003F511EB92FCE27777202C0F2344
Requests: 18 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: EBD44148367845DC4AA83333814ECA7F
Requests: 20 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1085B6E4A502AA77616122887E43A681
Requests: 1 HTTP requests in this frame

Frame: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: A0FA033D899ED0A33F143F13A4D0C631
Requests: 1 HTTP requests in this frame

Frame: https://ffc13fe933f5196d3afbf06344ee7d5c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C671624CA18300D5067C6965C9F59753
Requests: 1 HTTP requests in this frame

Frame: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BED2120E4BB8C104D1488ED49A0A20DE
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Frame ID: CC30DC8385A03709CA7C9355DA078A86
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B6C577A139E3E2BA3E1071EE4FC1B42E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17BE482C9D0E49173D9497B5B9119E1A
Requests: 2 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: D727AF9E537D1ADE0C5CD5AC0AEC1FE5
Requests: 20 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: BF6DED4538590A30EE8649BCE2074E87
Requests: 19 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E3BA67256767DAB8CC3ADF8FA0CB4664
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 0CA0BD9376D05CA08A79414B749933DC
Requests: 22 HTTP requests in this frame

Frame: https://a74e63c6efbe6f16f103d9d7d15d0b0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1C22E179115D2CDD3F17DFAD9DD0B7CC
Requests: 1 HTTP requests in this frame

Frame: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F3B98DC6334A6465876E8AE56BD544C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E24CB4C7CAC3B6C0110BF9DF1236F84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF7E760067AD79AD6F87F6ABDA513E18
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BB702B13A77A0ABECD7BFA4A7635B69C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DE2CF27EAA919D2E1BDA044CCE0FAF19
Requests: 2 HTTP requests in this frame

Frame: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BC95091B9CC25A3AF49FE1EBE875870C
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Frame ID: 14036BB0A368E11E57FA1C5F75D53530
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
Frame ID: 1DD68CE9F940A62481084C84AE76B740
Requests: 20 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 60B40DB7A8EC6C2A7E58175AD011603C
Requests: 26 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A5994A7AE07A03CECDEB43B1A02FD2E3
Requests: 21 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 01B6F85B8F26B4EA2D6055CA25EEBC60
Requests: 22 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8F9D3CBDA52F566F26D383ACD3EF607E
Requests: 28 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
Frame ID: CFE1E32AE55DA624A3E26ADEBFD9BEB8
Requests: 19 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C826427079F620D2BF23DA16CED905B7
Requests: 21 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 10B6C410A65B0A1A56CF0298F58C76CD
Requests: 26 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A135189A08D36AC61F08D3AA991F567C
Requests: 21 HTTP requests in this frame

Frame: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E9F4E364357CCDB98DB04B9C5B5C7E8D
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYs9GbvQEwAQ&v=APEucNWWy9UzhxD80u5IBjFdXqD5iFZkobFvwSPHNx_DR9Q6TpHvxeihdsECZeXbYB1KK5Z5H6yeJJ4rmJ0ni6FJ3Sy37rUlDWVzoPAxe8RBACL7RU1XvwMy6rpdB7ABDYxPJjzuAbVF1BHIRmdJIujDSSVNMrvtnMRT8vs-K2Gsp8DYRsgh8As
Frame ID: 03B5F9B05A4D4F18F9630CBE17C81651
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWQHZ-A40lGXwB6RuaGn2hApdh82tHAmx5Gjt6xdhvupuDOF9jhA98gr8P1One7sKiFoA1y-T8dQQy3iS7CkORccZNOjXLZdrLo49mcUBpimAIXiKdkOJS3CEK8RuiHscm-wH_XTYNuDlg0rDlRNFder3ltJT1c999hAcujVMp7c6EJREY
Frame ID: 794D43C82E9FC9A37BA834F26AE8E84D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW3CF5K4sC8sEpO2MEO_hw9O3-YL3V2-w511KA-7Whva84rD_3TQy4pYkZCWvlFUa_aVIpsR9cPsj2Ce6y7fHLmTOOgMOWzM5OYmfqpx8asqmV4Z6kiwy7290tRWkstzqF_x9dQjWvV_ZHKFo6z8LrCFlp5Ts1cG7m6I62jSMUaUz8dwQI
Frame ID: FA4FD09628229D275E28BDF50404CA4C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXRpsVTVpcfmhRCX_79d_Py6-w16-2zmkqRIhQJuE4ypmNBTucM8IPZinIRpT0-CC8QuXJpg_o_IGQpNir2o2kDeSEG9dC2aASqzQDRL1VW0pad-Epim19ie_S5fyDDTkN8qT-y3dNl6aIiRhOphAuRSOf9FlwiuUFsO2UJ3xarF_0W6_0
Frame ID: EDC71F7633D356CF587AF88643F1F80B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXHi3bgjEtu-PukyInZwuiI_t8wJKIovT8aKpmRSZHPUHtS8lthntq5oLo1R_ysfwA0C1-VOs4kuvemMwBMQNFUjd_ApHPE0zhVYsmAw_2aLDI1wVJFZEO4SfldzEhk7XPn9ebChXxZ8QXyF1HzWs_PgqBGALSY-czFQNH1_c3wFiknCvA
Frame ID: BFE14528B0C41E66AA2D10FB788B9E74
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 45485A23BCBBE7CAE3CC21CDCA034F5D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DE065644E2DCA979A17ACCB190BD83DA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28E1E18A4223C77C803E90A4133E0092
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: 180F585DFB068F941233A2B123507D91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: 93B3B55E02CAEA57B489CCCBEA2ACA6B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: 1D8E2998C3C0EBE4EE04A0D4610E2584
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 691F7681CD658817DF41DEC794BA27D3
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
Frame ID: BBE722D9647A8E90ED3A70AF5AAFA8D7
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B538BD026BDD37F77813CD9E3908DA40
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Frame ID: E15ECF8D7FB2E23C99308EFA63E4C324
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Frame ID: 2882D80528FFA3D7A4330E1537069C19
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96F991E04B4ADA86EDAEEF8782763306
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0768B491292632F6CAD21859C9F45057
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A13943898BF31F2F2929BA47AAB8FDF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4AA3EC4520BC3184D81FBB3BE594D0E2
Requests: 9 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: A91102D82BE3C4BA0BA3269B182046CF
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Frame ID: AB14DC13164D65522946BC38496A8A4E
Requests: 19 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3D386C0EC9B785C151AF6D95E40DBBCC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D3D26FEE8A1C1720C8AE9EAC7597F015
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Frame ID: 905D88517CC51FD754D588F812B11C73
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7BAC3A45A555315C6FD0041E9EF71E6E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0971AF86AACCF5CF8FBAF06FE770EB49
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 898C67FD8CFF9F929A5A0FE55CA84CF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 448B9691F458E1E44403C106609CEF48
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8B91893AF0B1C05A63D9A79804D22AE3
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 21545EDA10D3CD409729398D01547CF8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A73EA08D87E902577904C7D25FED84CF
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 90BB22E7A5FA3A17F4252230367FB432
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: F7580F5CC354B07C792E11FA60B2D021
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1675089945725
Frame ID: 8C7025BFBDF0D1FFFCEF106E59889764
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: AE86400572D37974DCE6F0CBAE7698A7
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: C75B755C10790E76543A014717CBCFDC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: 6950E6D6E161D72E76E8CBAE86F8131D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: 8382D9A0EF10C7C79989D7C91D67A7C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: B5A634206C5F5EA767D88338AB688E17
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Frame ID: 6E7174D8FA49EFDD3DDCDDA9C55723FE
Requests: 1 HTTP requests in this frame

Frame: https://fe57972bc97691b997752e012384b7bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E57FFAD97404A33CC76A0CC17FA2ED8F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A522CF36FDF87509A1A76F0F343576A9
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9381100E5F5559032A50081D5586538D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6FC87E85D0E5F3F4F7B5CC789C6F68C7
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 38A8B1F9B5BDFDFB2887CCC16C9F1C94
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 251AA5474C9413FAAE9A6D9F642B788C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/493534cdcae3e7de53d840b82d9f5cfa?gdpr_consent=&gdpr=0
Frame ID: B78B761A20257A0D2F30A24030960C86
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 5A7FD716DF2772A6DF3BF2D9D80DA0EF
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: B0EC78F93AD765250E668DDCA756B6D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/OhahF6rPb4SeAIS3Up6b?pi=smilewanted&tc=1
Frame ID: C5922912D0E391D735E8A59B564F634F
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=78720388ab838806413dad0039e148e2
Frame ID: A4EA3DF57E39727AE56FD4C8F6F7A284
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: EE1E42EDC5B4747B9F2C069F48EBB8DD
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: 1777AA2FB1CA0FADBAB0D5DB0D232A2F
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 93A7EE64ACF7AEB36D9D8E2878391281
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/38e9d187-6efa-426a-834d-f16dbb80efa3&partner_id=1010
Frame ID: 969A82FF6E51893CC88527FC1193BC35
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: B252944EC04ADB2E368508E97FF1DE9A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.zahav.ru
Frame ID: 2F2B62F20F4F713ED030245558F67795
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CA75C22A61A5EBAEA33BE09018F93631
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C77ECF36867D2424C4AA53B81E39D009
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

zahav.ru - все об Израиле на русском языке

Page URL History Show full URLs

  1. http://www.zahav.ru/ HTTP 301
    https://www.zahav.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

892
Requests

89 %
HTTPS

43 %
IPv6

78
Domains

144
Subdomains

104
IPs

13
Countries

9952 kB
Transfer

23790 kB
Size

71
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.zahav.ru/ HTTP 301
    https://www.zahav.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 490
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 491
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 492
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Request Chain 493
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Request Chain 494
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 495
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 496
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Request Chain 497
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Request Chain 498
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 499
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 500
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Request Chain 501
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Request Chain 502
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 503
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 504
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Request Chain 505
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Request Chain 506
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 507
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Request Chain 508
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Request Chain 509
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Request Chain 519
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC7wpjKpQEQsAkYsAkyCLFotOMqCV6b HTTP 301
  • https://tpc.googlesyndication.com/simgad/11219243522209494208
Request Chain 561
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFErzBKa0hqiIjitq19bt9k&google_cver=1&google_push=Aa02lx_4OzJkF7zJGRFLvAEWkk_ReC5trU8hjOPTAgz_t2JYnfqEHiJLBZQ6nR1nhvE2WVzRKrks_a9Ms9Dx2BN2Zwu_x_OzeuRo HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0XojgE6-SRmzBEnyKxiZmQ2&google_push=Aa02lx_4OzJkF7zJGRFLvAEWkk_ReC5trU8hjOPTAgz_t2JYnfqEHiJLBZQ6nR1nhvE2WVzRKrks_a9Ms9Dx2BN2Zwu_x_OzeuRo
Request Chain 562
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAYmWmorWlKCVYLGcZ6z8OY&google_cver=1&google_push=Aa02lx_VmSw7tzpBzIacihTjBSBbI7jKqOOMWOt4iTd440CqT9KtIo7TkzLAbK5d1h9Tlx7--DDodhlOVbpcubeKwpjlkxzEEVA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAYmWmorWlKCVYLGcZ6z8OY&google_cver=1&google_push=Aa02lx_VmSw7tzpBzIacihTjBSBbI7jKqOOMWOt4iTd440CqT9KtIo7TkzLAbK5d1h9Tlx7--DDodhlOVbpcubeKwpjlkxzEEVA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wqOymprHR4q7xmxDiW3ccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_VmSw7tzpBzIacihTjBSBbI7jKqOOMWOt4iTd440CqT9KtIo7TkzLAbK5d1h9Tlx7--DDodhlOVbpcubeKwpjlkxzEEVA
Request Chain 563
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgJSsx2mUbeNM1H0UNF5y8&google_cver=1&google_push=Aa02lx9ki0vOLa_YmVTvTkuKf4yCZ4HY1zMnp0atY88wX8xTwa28BGXFSUgq8pPTRwbbLIvrz2AzkyPLsJfhQohJlUsN_QlUCtfK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx9ki0vOLa_YmVTvTkuKf4yCZ4HY1zMnp0atY88wX8xTwa28BGXFSUgq8pPTRwbbLIvrz2AzkyPLsJfhQohJlUsN_QlUCtfK
Request Chain 564
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1&google_push=Aa02lx-1Q80eUN78vCYcXlC-2ah3bZ671yR1tv2YqrccLUlA0Y6JYHyVr9gOjH7QOced0QLHqmBuPDiVtBaLUtSnciBThm2QX3_X HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-1Q80eUN78vCYcXlC-2ah3bZ671yR1tv2YqrccLUlA0Y6JYHyVr9gOjH7QOced0QLHqmBuPDiVtBaLUtSnciBThm2QX3_X
Request Chain 565
  • https://match.360yield.com/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdYms6fIw7ZFmvhd HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdYms6fIw7ZFmvhd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdYms6fIw7ZFmvhd
Request Chain 566
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB_f-cAD_99Q-chx5VbTvGg&google_cver=1&google_push=Aa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675089947796 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-334c9d14-522e-465d-bcb1-937c671fc7b0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN%26google_hm%3DAzNMnRRSLkZdvLGTfGcfx7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
Request Chain 568
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1&google_push=Aa02lx9w_GCDU4bTR5Ek-dEfnm42nD7ks6oYQT1NDnMMZT0m33YQRyJrHdQDshg3YWEt8id2WFBB10fiFeRjUwVtTCRnivpjn7mKMg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE0NTY5OTM5OTI4MDcxNjU0OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
Request Chain 571
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDgiq7Ykvqz0hGHRgHeLLkU&google_cver=1&google_push=Aa02lx8JZ_RZhto3YAUsiT5dEc5i9pMY7jeravp8-JYZXzeh1-u4DMTvhVnSanuKgsFeKoxwFTFQGzUpr8ep4Rhl7JpNSjjcApytqQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8JZ_RZhto3YAUsiT5dEc5i9pMY7jeravp8-JYZXzeh1-u4DMTvhVnSanuKgsFeKoxwFTFQGzUpr8ep4Rhl7JpNSjjcApytqQ&google_hm=25Mw5zC6RbyaLMC9zC6YSMo
Request Chain 572
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHt6er1rhLcuc4Fc4Od4WWo&google_cver=1&google_push=Aa02lx_KZYSJDBtqAd6erTMczqT4XYZzlQ0A_s-oZd-YE23vRZcTdCNt2yBfocGDi_yGkyHT_9a_YxRy5Y2aieD2XC6Xirm4NL-0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHt6er1rhLcuc4Fc4Od4WWo&google_cver=1&google_push=Aa02lx_KZYSJDBtqAd6erTMczqT4XYZzlQ0A_s-oZd-YE23vRZcTdCNt2yBfocGDi_yGkyHT_9a_YxRy5Y2aieD2XC6Xirm4NL-0 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a9bec712-4ae9-4888-9cad-95fa19b954c8&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
Request Chain 573
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9ufAz54haG99s6y36Dp_3RrY-BGg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9ufAz54haG99s6y36Dp_3RrY-BGg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9ufAz54haG99s6y36Dp_3RrY-BGg
Request Chain 574
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAYmWmorWlKCVYLGcZ6z8OY&google_cver=1&google_push=Aa02lx-GFz-Pcu4fO-DPGC1J0ZXi4cmbEehKdGAQN6ROwJRst5IpRfoW9VJqhMnfSNOXmKjmJ9Qil5kMavJIfZMXlkFlo83wloAQYQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAYmWmorWlKCVYLGcZ6z8OY&google_cver=1&google_push=Aa02lx-GFz-Pcu4fO-DPGC1J0ZXi4cmbEehKdGAQN6ROwJRst5IpRfoW9VJqhMnfSNOXmKjmJ9Qil5kMavJIfZMXlkFlo83wloAQYQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-GFz-Pcu4fO-DPGC1J0ZXi4cmbEehKdGAQN6ROwJRst5IpRfoW9VJqhMnfSNOXmKjmJ9Qil5kMavJIfZMXlkFlo83wloAQYQ
Request Chain 578
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKpp2MgaJ57bH96VIuBmIbo&google_cver=1&google_push=Aa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKpp2MgaJ57bH96VIuBmIbo&google_cver=1&google_push=Aa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 579
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFErzBKa0hqiIjitq19bt9k&google_cver=1&google_push=Aa02lx-iW5Val_GeuYSw1G0e3WcOd13y4M1zdAwy9FRgjvc9O7FPujcBC-k_BJNS3U2_KENSBX3qd-tut_QER91j9IpXSQhFdhxy HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx-iW5Val_GeuYSw1G0e3WcOd13y4M1zdAwy9FRgjvc9O7FPujcBC-k_BJNS3U2_KENSBX3qd-tut_QER91j9IpXSQhFdhxy
Request Chain 580
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1&google_push=Aa02lx-9FhPxVNwVkNQPBvGeuF723-hKqWyg5f0E9wyFzonaINWq283IDK62uQVtAb9UXIyiKp3voTQzUbyG6nkwKkDbOECIyJmB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-9FhPxVNwVkNQPBvGeuF723-hKqWyg5f0E9wyFzonaINWq283IDK62uQVtAb9UXIyiKp3voTQzUbyG6nkwKkDbOECIyJmB
Request Chain 581
  • https://match.360yield.com/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf9Uyps73LdjPkp HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf9Uyps73LdjPkp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf9Uyps73LdjPkp
Request Chain 582
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx9hzSA_oMfQwiksvw1wAJTwVQfbKgHbUK7BRxrcg6TiHgOsd6bgMbiHEstVAN4nUr2Pn3VhI0HonAVdBydvRrb4qGYJxepp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9hzSA_oMfQwiksvw1wAJTwVQfbKgHbUK7BRxrcg6TiHgOsd6bgMbiHEstVAN4nUr2Pn3VhI0HonAVdBydvRrb4qGYJxepp HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 624
  • https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_G9jXY5SrKPCVjuwP_u6R6A0&cbFunctionName=goog_wrapCb_G9jXY5SrKPCVjuwP_u6R6A0&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.zahav.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:32928a59-5cc4-c9b6-1caf-59e964cb6329,c:2Nafhy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-bb8697c85-2j7r7,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tur0IgD+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1i*.886862-62195781%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k1,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:22,oid:c89684bc-a0ac-11ed-af07-1e991eb050a5,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 635
  • https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_G9jXY-_lKa7O7_UPxZG2qAg&cbFunctionName=goog_wrapCb_G9jXY-_lKa7O7_UPxZG2qAg&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_320x50.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.zahav.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e3ebd3d7-a203-0d8a-232e-9fa3dbe27979,c:2Nafjv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-bb8697c85-wh2s6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tur0Iix+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1k*.886862-62195781%7C1k1%7C1k2%7C1l,idMap:1k*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:25,oid:c896abb3-a0ac-11ed-8a00-8e31a34b8b06,v:19.8.385,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 642
  • https://um.simpli.fi/gp_match?google_gid=CAESEBtB1VePVjlwjKZNjLSfcbg&google_cver=1&google_push=Aa02lx_73Bkmd1Xd7urzXRG-qj-wJMogI4imX53o6RQzaaw75ARBt4i5CEZBVC_fqpVAspMGFt7kh7ZSK2bO1cWyTenYjEdY7Q7NhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_73Bkmd1Xd7urzXRG-qj-wJMogI4imX53o6RQzaaw75ARBt4i5CEZBVC_fqpVAspMGFt7kh7ZSK2bO1cWyTenYjEdY7Q7NhQ
Request Chain 643
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHt6er1rhLcuc4Fc4Od4WWo&google_cver=1&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
Request Chain 644
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx_ZKBm2o87_ruSBDaRJq74oMTVDETAxoQvMy4qbGD5zFWYv_pmz8gHo1VmjWoVVFmpgEmTzscD1WLL0O8JqmBfm168ktL7vRA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_ZKBm2o87_ruSBDaRJq74oMTVDETAxoQvMy4qbGD5zFWYv_pmz8gHo1VmjWoVVFmpgEmTzscD1WLL0O8JqmBfm168ktL7vRA
Request Chain 646
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIBpay3C7yVP7Nsw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIBpay3C7yVP7Nsw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIBpay3C7yVP7Nsw&google_hm=GEsVqGZHJY088AojQkOcurJt
Request Chain 647
  • https://match.360yield.com/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx9Hx0ZlGwiRqW7qcCDra35sj5r6PF0SqCL9dyU6dy7cy-3BtrFJ7etB7dhw4iJIEZt0D1iRLCXCFhpwwQOWPNr9IfAaVgy3AQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx9Hx0ZlGwiRqW7qcCDra35sj5r6PF0SqCL9dyU6dy7cy-3BtrFJ7etB7dhw4iJIEZt0D1iRLCXCFhpwwQOWPNr9IfAaVgy3AQ
Request Chain 648
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx8p2njTYJLP5pCTzcRnKlE4XnxRKEYQudxM-vCizWtCJkiZm86eKxjxU47W0orsLiOs7kBKcuLwb7Me1-WE7MkkwOGzBgb8hCk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8p2njTYJLP5pCTzcRnKlE4XnxRKEYQudxM-vCizWtCJkiZm86eKxjxU47W0orsLiOs7kBKcuLwb7Me1-WE7MkkwOGzBgb8hCk HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 715
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1&google_push=Aa02lx_H6PFvvCNP3nFANkgmNBvz-bPMI6vAuKr7-270xd5nqDWLA3J8LSpuR23AvsCaFJDt1c3gHVoMxz_UqT4wTSg7EAAm2Ng HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE0NTY5OTM5OTI4MDcxNjU0OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
Request Chain 716
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA8ls45UiHuu8Cx-jrRZWOU&google_cver=1&google_push=Aa02lx8MEV5E8rbj67quQLD6H0lMf4MZwzQdNrT2VC7K5sDd5z4EOkYma9ALmwgdB7L7__PIWSJOjxIB1kkBcEZTaeG65Dy255Jz HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8MEV5E8rbj67quQLD6H0lMf4MZwzQdNrT2VC7K5sDd5z4EOkYma9ALmwgdB7L7__PIWSJOjxIB1kkBcEZTaeG65Dy255Jz&google_hm=_z8BdwUVLbLTKopRTMh3Zg
Request Chain 717
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDgiq7Ykvqz0hGHRgHeLLkU&google_cver=1&google_push=Aa02lx_gZQt9kftNCGdu9J95N0WJJXpk872MppKIpzh1RrDgWfQQLSgYy5ydVT0fSo_jbXCnaUZKaoeUO4AlXwZ1ffcP5XrKItj3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gZQt9kftNCGdu9J95N0WJJXpk872MppKIpzh1RrDgWfQQLSgYy5ydVT0fSo_jbXCnaUZKaoeUO4AlXwZ1ffcP5XrKItj3&google_hm=25Mw5zC6RbyaLMC9zC6YSMo
Request Chain 718
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFErzBKa0hqiIjitq19bt9k&google_cver=1&google_push=Aa02lx9slm1WqaOp19840zpW6dc4_j187383fR2JGLwEYsG76NLA2zn8hEXLXLWP9aNODpTYR4A5IGMKNjIuat9CzwZAPHhKioUG HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx9slm1WqaOp19840zpW6dc4_j187383fR2JGLwEYsG76NLA2zn8hEXLXLWP9aNODpTYR4A5IGMKNjIuat9CzwZAPHhKioUG
Request Chain 719
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1fXBAxf9yDtz HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1fXBAxf9yDtz&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1fXBAxf9yDtz&google_hm=GEsVqGZHJY088AojQkOcurJt
Request Chain 720
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB_f-cAD_99Q-chx5VbTvGg&google_cver=1&google_push=Aa02lx-WUeas578lkZoosCUQjQKTWQ-MvktXaxyQVTaFvOrYT4A7eRZIdS1C79b1Ik4Zn52nSfkPQTySuvw67DuOvNVWzbfGMVVS HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-334c9d14-522e-465d-bcb1-937c671fc7b0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-WUeas578lkZoosCUQjQKTWQ-MvktXaxyQVTaFvOrYT4A7eRZIdS1C79b1Ik4Zn52nSfkPQTySuvw67DuOvNVWzbfGMVVS%26google_hm%3DAzNMnRRSLkZdvLGTfGcfx7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-WUeas578lkZoosCUQjQKTWQ-MvktXaxyQVTaFvOrYT4A7eRZIdS1C79b1Ik4Zn52nSfkPQTySuvw67DuOvNVWzbfGMVVS&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
Request Chain 721
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELr23G38neR9gz50Z8__-ZM&google_cver=1&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RAlVZ5iaL0i9fjzUTtLjP8TXhnl1FqoUHel5YsWQEgL68U HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RAlVZ5iaL0i9fjzUTtLjP8TXhnl1FqoUHel5YsWQEgL68U&google_gid=CAESELr23G38neR9gz50Z8__-ZM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RAlVZ5iaL0i9fjzUTtLjP8TXhnl1FqoUHel5YsWQEgL68U
Request Chain 725
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_cver=1&google_push=Aa02lx81MF7hAw_c4xtEG-_UPbTT4mCKNSb4QdUZ60rNeBvGr5UAEbgtDvPjlNy1eF3Zujbk34fS3EwIrAg-uHFG1lrYwD5s5Yg0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx81MF7hAw_c4xtEG-_UPbTT4mCKNSb4QdUZ60rNeBvGr5UAEbgtDvPjlNy1eF3Zujbk34fS3EwIrAg-uHFG1lrYwD5s5Yg0
Request Chain 726
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx_abeLNCJer6R_a1xLfYr2SLFDOkS7mnDiGnwdp7yw1Z2VT2eydows3tfXZCGx2jbTThe9hnD-X2egD90Z3kituYm_2Dtdg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_abeLNCJer6R_a1xLfYr2SLFDOkS7mnDiGnwdp7yw1Z2VT2eydows3tfXZCGx2jbTThe9hnD-X2egD90Z3kituYm_2Dtdg
Request Chain 727
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgJSsx2mUbeNM1H0UNF5y8&google_cver=1&google_push=Aa02lx-3RAvU8y2VRe1yNFiBqnlRrOiAPpeE3AuT9inrxnWupWTqSl7HmPWkCki9x2erY0DbIrzgW9rzqUasiN-K2Q3sFnNO7LY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx-3RAvU8y2VRe1yNFiBqnlRrOiAPpeE3AuT9inrxnWupWTqSl7HmPWkCki9x2erY0DbIrzgW9rzqUasiN-K2Q3sFnNO7LY
Request Chain 728
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1&google_push=Aa02lx9p0pFUWqfBsTSI0ewlHAmPXrkqr6vNggSnAp2_3b83NHOhB9qG6X03zVqBIXcWvdxfOBJAJEA-t3Z1L5_W2SUAcQ9_sofT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx9p0pFUWqfBsTSI0ewlHAmPXrkqr6vNggSnAp2_3b83NHOhB9qG6X03zVqBIXcWvdxfOBJAJEA-t3Z1L5_W2SUAcQ9_sofT
Request Chain 729
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELr23G38neR9gz50Z8__-ZM&google_cver=1&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_AyCM5I29YPjbSAQfKRcUDuUxkewFUATzjGr2g1uo523A HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_AyCM5I29YPjbSAQfKRcUDuUxkewFUATzjGr2g1uo523A&google_gid=CAESELr23G38neR9gz50Z8__-ZM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_AyCM5I29YPjbSAQfKRcUDuUxkewFUATzjGr2g1uo523A
Request Chain 730
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELXcRkoFrcT_twL0NJWgcEI&google_cver=1&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0FE8a4T0rfyD-jBqcXWUeOb_CUc2IaxkAAGLskGzMNJ3LA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELXcRkoFrcT_twL0NJWgcEI&google_cver=1&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0FE8a4T0rfyD-jBqcXWUeOb_CUc2IaxkAAGLskGzMNJ3LA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sYjh0a3dWRTJ1RXlUamxzWklQSWw4Yl8waHN1OVNGMX5B&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0FE8a4T0rfyD-jBqcXWUeOb_CUc2IaxkAAGLskGzMNJ3LA
Request Chain 735
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHyvN9u_-isPPJv6AKkd0-g&google_cver=1&google_push=Aa02lx_3m7D03kgAiLoZg6-J6fZoKgqo52DSogs5fUf-v9TslzaETh7k2DnPwknhIy7tpH2m1jRrPOiSaCOaUGkbaCGvHu35aIBQVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_3m7D03kgAiLoZg6-J6fZoKgqo52DSogs5fUf-v9TslzaETh7k2DnPwknhIy7tpH2m1jRrPOiSaCOaUGkbaCGvHu35aIBQVg
Request Chain 736
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_cver=1&google_push=Aa02lx-JaEh3TdG0PpPfaqfF9Gb5ZMLqYpodTIzYNtiVUlWPWrNXKk4XAzkbmbeDzTSudgq3ShbJLy483ueS8oMSJSFsnNY2U20owA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx-JaEh3TdG0PpPfaqfF9Gb5ZMLqYpodTIzYNtiVUlWPWrNXKk4XAzkbmbeDzTSudgq3ShbJLy483ueS8oMSJSFsnNY2U20owA
Request Chain 739
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJsMzd6R4kniIH4bbQm8Xr0&google_cver=1&google_push=Aa02lx_kVcD1s4rxu4LlO0xFCrhzWcyeAaq3QEcMkUs-5SIqCtyZb_7yYEOf8Q2hxxBIbozx1QfRylXkg1K0Ud5exWhaSbsvulUKpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_kVcD1s4rxu4LlO0xFCrhzWcyeAaq3QEcMkUs-5SIqCtyZb_7yYEOf8Q2hxxBIbozx1QfRylXkg1K0Ud5exWhaSbsvulUKpw&google_hm=eS1GbDNJcXZ4RTJwRXJlZmZEX3FHV1dnUFI4cGlBcHpwVH5B
Request Chain 740
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx81p7CEtVK6HvmAOzwQHO-RbVvWbKePURw5QwzRDOXIHZSRloYilAMi_8T8bgZDCdqt0Epf25m3nY835YT8vjXLwA7VpoYkrQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx81p7CEtVK6HvmAOzwQHO-RbVvWbKePURw5QwzRDOXIHZSRloYilAMi_8T8bgZDCdqt0Epf25m3nY835YT8vjXLwA7VpoYkrQ
Request Chain 741
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx-g1UmqqZtofKjdGsIx8_DmYwkJnsN8nP8WIaPu5F89km9dgVrMm4biAGcrvN-tWLZGFgAjKQW2mGhX4T2DjtoZJOLOuwOsKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-g1UmqqZtofKjdGsIx8_DmYwkJnsN8nP8WIaPu5F89km9dgVrMm4biAGcrvN-tWLZGFgAjKQW2mGhX4T2DjtoZJOLOuwOsKA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 746
  • https://um.simpli.fi/gp_match?google_gid=CAESEBtB1VePVjlwjKZNjLSfcbg&google_cver=1&google_push=Aa02lx_1gRTHptBdBpfnnKbqDt0PU-myulvhS3rnZ6eqDvsu8C0mQMU_aYiR9isKR6jqN3S-kJpqRNoJWBXnc0dj2qFF3FQVWkln HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_1gRTHptBdBpfnnKbqDt0PU-myulvhS3rnZ6eqDvsu8C0mQMU_aYiR9isKR6jqN3S-kJpqRNoJWBXnc0dj2qFF3FQVWkln
Request Chain 747
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP2iJnHbdnT919bwvEutFJw&google_cver=1&google_push=Aa02lx_l8xpKq2ETpzxR16iVZjIRnPnv4QeeutJbU2gqvavKsj_wUL9iuI0lse4s7yLRO2ee7Kx5FyBFOCGa8irF9mIg4dMgnYGi4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NDQ1NjU0NDU1MjU0ODQ5Nw%3D%3D&google_push=Aa02lx_l8xpKq2ETpzxR16iVZjIRnPnv4QeeutJbU2gqvavKsj_wUL9iuI0lse4s7yLRO2ee7Kx5FyBFOCGa8irF9mIg4dMgnYGi4A
Request Chain 748
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAYmWmorWlKCVYLGcZ6z8OY&google_cver=1&google_push=Aa02lx_PK6UEBjSxnhsJF1BWrtGk3QJ2NOuFkZhbdbCzZ8YlgWYV_TnCTl6-7qJelrcEeC6bg3AWyPSGuw2YNhTr5Iyq1nNV3JdY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_PK6UEBjSxnhsJF1BWrtGk3QJ2NOuFkZhbdbCzZ8YlgWYV_TnCTl6-7qJelrcEeC6bg3AWyPSGuw2YNhTr5Iyq1nNV3JdY
Request Chain 749
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx9wzQxSGDaBrovlFEQlwKNU2u69eYu2GhoYdovSMs4avx9Y6EkjXFnDzfImZRUrqOU2hXqFYOAxsOpR01obTQIptF--1S-7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9wzQxSGDaBrovlFEQlwKNU2u69eYu2GhoYdovSMs4avx9Y6EkjXFnDzfImZRUrqOU2hXqFYOAxsOpR01obTQIptF--1S-7
Request Chain 750
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELr23G38neR9gz50Z8__-ZM&google_cver=1&google_push=Aa02lx-qPgoQERdRROm-_Tji5SnDLdXK8AY3lyVDkjkE1qYXdQHqqGAExQ5aCvSOjwLFgbbuWwl-gqjCykFMeU_LDeQ7Ma5uJtGQ2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx-qPgoQERdRROm-_Tji5SnDLdXK8AY3lyVDkjkE1qYXdQHqqGAExQ5aCvSOjwLFgbbuWwl-gqjCykFMeU_LDeQ7Ma5uJtGQ2Q
Request Chain 801
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=jXMiUHxlMjJYSElsRC91ZXI5enp6VERzRUxsWlAzU0tqTFJ1bGRaMDl5QlExS2EyZFl6dVBwOHVkQWIwUjZPV2w1b2V6Qi92M1ZFLytKM212YnlPQzZMT1VMTVR2T1FmR3QvSFdTL3NwOVkvNTFpemxRMmJDOG84U2lYVjJCSnlhalIzSjRwbi9OT0k0S3FtcTc5UGRQbTRDR3p4NGZCRnVWZC8rVzlObWFvK05LL1BDVVZOZm9adWZlVzhzNkdxQjdyZHdjVGZ3QzFHSFpYRXphVkphSkFSMW1heFdUcDdFZUExOTVKaWpiNzhTbnM4PXw&cppv=2
Request Chain 845
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE
Request Chain 846
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDijRcZeAsbW5Gk2UAUfZw&google_cver=1
Request Chain 847
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTdlNzEwMWQ2MDdiMDYxMTNiMGQ0YmJhZTNlYjAyOTkwZGE2MjZiMQ
Request Chain 848
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIXAXV3-U-JD3D
Request Chain 849
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Tq8ii7amWXy9Jq4oujCcUw?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QrlEhapE2oL3Ba7NKNgmBXANsrr2Z72dCrXQhw--~A
Request Chain 850
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FhXrYo7fQRCmBzhNKe4qsA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FhXrYo7fQRCmBzhNKe4qsA
Request Chain 851
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=07nLgFNhQtGNfxxHd_E7aw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=07nLgFNhQtGNfxxHd_E7aw
Request Chain 855
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&dcc=t
Request Chain 857
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1
Request Chain 858
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=527108006124877884
Request Chain 859
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690728350&external_user_id=f9add9ae-2ec5-4b19-88d6-2796e9646169
Request Chain 876
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/493534cdcae3e7de53d840b82d9f5cfa?gdpr_consent=&gdpr=0
Request Chain 879
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/OhahF6rPb4SeAIS3Up6b?pi=smilewanted&tc=1
Request Chain 882
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=78720388ab838806413dad0039e148e2
Request Chain 885
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 887
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/38e9d187-6efa-426a-834d-f16dbb80efa3&partner_id=1010
Request Chain 892
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zahav.ru&sn=ChromeSyncframe&so=3&topUrl=www.zahav.ru&bundle=H1OwB182JTJGWHBBVGZBemNlTVhsbHVXNWYlMkJHY2JsYk1kMHFkS05YSlB6emtHdEdCM29nNkUxdU1DRlBlcDhGSFBvME9tcmZnY3JNa003WlNucVlIOHpuSSUyRkc4cld6MjZoU0JzclAwdExYS1hmY2d2cWtnSENsR1lLS1ZLZEV3UkZVRnBwUw&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=1TWl0HxYWXliSHo4TlpVLzhwNGNuOFRmbzB0b0Rid2lmQytNejRKRmZuQ3pmdHFiY3JWNUZmUmpQRUxxVUc1VU1iTC90SHZmeTBRT1BiZEk2Z0pOckRvUytqWEpFWFFOc0lTNU1VV29WMHpsK1I2RjhtMVp1cDJTOFFJTEkzWnZNME9CWWYwSEdiY29CVFloeDNIbkNWMk9nY3hHTnZrcnZWb2I5MkVkWHo0ZTZJOUhSODV6dDFyb00veWNBVmIvQ2ttMFNYR3Z0UzEzNDlGbFRBVFE2Y1U2SVZOaU0zM1dGbkcwa1hvUWRHVGhBTUF5TTNoMWF4ZXlBMi9hN3pXc0ZRSVFzMElDVk94YnJsZ1ZlSVVWZGRQTGdwdz09fA&cppv=2

892 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.zahav.ru/
Redirect Chain
  • http://www.zahav.ru/
  • https://www.zahav.ru/
250 KB
111 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
10752425fbadfe60a419b93d6d305457eabcac3e77eff48b553db5d2ed07c4f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2
cache-control
public, max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 14:45:41 GMT
etag
W/"3e6e1-0OjL31wMspt571+oIwhgngYZSlY"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-id
03CkV6GQ2O9ZgkVev7vpTmnaT28g2LQSMiFtIT6lVeXNEiNVqmzY4Q==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
x-cached
MISS

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Mon, 30 Jan 2023 14:45:43 GMT
Location
https://www.zahav.ru/
Server
CloudFront
Via
1.1 e56e6732f380db727425bac2d6158760.cloudfront.net (CloudFront)
X-Amz-Cf-Id
hCyP_13MInTKbGaiLKWwM9EKIhVokV015cDs7sXBNvM2ea08H08quQ==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Redirect from cloudfront
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f420d5b6a967dcd39bb20d47407995e9201eda77741d52f5f18fe9ba6516159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27568
x-xss-protection
0
server
sffe
etag
"1467 / 288 of 1000 / last-modified: 1675080581"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 14:45:43 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:5c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 01:13:29 GMT
content-encoding
gzip
via
1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
VIE50-P1
age
48734
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
0oldI_zT5iX50DykzpRAz1_WyutpngE-AKRNG9C8W40Pr-uKwmrMmg==
expires
Tue, 31 Jan 2023 01:13:29 GMT
facebook.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		266 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/facebook.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
146a64826cd7fdd7a02546901a50c199c7cd8bf2c3a87be4a051a269ab43da69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"10a-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
266
x-cached
MISS
x-amz-cf-id
DHU3KWj0_uOwpHZwR2EDHv0LltoIUYWJg_FjkfH8GgpsPjyONK4TZA==
facebook.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		276 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/facebook.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
8c973fc683837b2b8c9392b6c4115c52f98b8c8c74242b0a2cafa677c60fa1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"114-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
276
x-cached
MISS
x-amz-cf-id
j6VtwoFUVNfqiTsY6kHQ74hejJlvarJoLJ-UJBRBBuV2G8v7eV3vFg==
telegram.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		411 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/telegram.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
1d27f89e2708b673850caa81118e9245c6afdd422358378e09ffecce4c26dece

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"19b-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
411
x-cached
MISS
x-amz-cf-id
moCUSIotDBRoLGFQRUDzM1_eENRZZZ44FyiroFpVJ9Xz4c-r8KzF2w==
telegram.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		426 B
791 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/telegram.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a1b95607d3ea9371fb72c392e8ae3d77dd3a4a315cedacd47cbaa0d2b44a53b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"1aa-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
426
x-cached
MISS
x-amz-cf-id
AELgennqlAHnj3fWcXpsWtxN0fQcWqZPgKuCbG_6XSw0TnEDGHNqhw==
twitter.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		372 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/twitter.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
3fd055f9b0f7d6baaec7f56e269c8dcd347f6680bbd4194c57ee590a46fdb95e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"174-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-cached
MISS
x-amz-cf-id
S-7LclndIh_5UHwGUtRu6NvkvD1L_J0Zu_GA3XdBE3a1OyNU7pqi2A==
twitter.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		387 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/twitter.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
515fcf87781aef040a6758d637d17d941caf08ea469656259b5fc3745b832d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"183-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
387
x-cached
MISS
x-amz-cf-id
3NbGZMmz00nFrTJ7auncpJIwyQCYWTwlUiFPGoLm7J72mnzkpAHEqw==
vk.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		362 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/vk.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
da4a76da2f7b8699744313947182d57adebfbea051b931c01df1f73e41d5ff33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"16a-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
362
x-cached
MISS
x-amz-cf-id
rx38K0TrhxdqfH2XM5SQNfio15Fe9x0tSoHUHEaYpbRns8kApONybA==
vk.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		393 B
756 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/vk.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
95db6265c2c336d53707a24c7f8ccfcc921965c848f18bfc64988ddf4fdf8b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"189-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
393
x-cached
MISS
x-amz-cf-id
TeCT81oD-2s93k2P46CnkKFQfHaAnZvIpDKJ6-FGOaFsBoHb1sLmzg==
ok.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		401 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/ok.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
60531e79a8bcd2aea26e031d6c09a2da7ca3c074bea5d4585a5009d52e17f81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"191-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
401
x-cached
MISS
x-amz-cf-id
furoGRjyMJTXlaK0QVbSQSQL-l3bdOqx5J43gJE4AkXUdO5Q8DpvYw==
ok.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		416 B
782 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/ok.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
624f0494fca1a39f49b63bc119f7f76161c6cb1af4d6f8a34fd8ba627c195868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"1a0-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
416
x-cached
MISS
x-amz-cf-id
pEqP1Ph4pBRRFVmQ-9mUX1YxGXHdyH_ZC5KWFch9_xJ_aYJqXZHCSA==
logo-desktop.png
www.zahav.ru/public/zahav/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/images/logo-desktop.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85674
etag
W/"1151-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
4433
x-cached
MISS
x-amz-cf-id
hJdXRwzstJbRK5pnOaAkiRC765C3Xffj6dWg2fAP2S3OazIwUpxk9g==
2a01b7325dcfd8f1ca1f877ec0caa4b4.jpg
mignews.com/media/cache/2a/01/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mignews.com/media/cache/2a/01/2a01b7325dcfd8f1ca1f877ec0caa4b4.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6a4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7d1b5185fe782e03c839c36cd6fcf8562aecf1b4f8b8203ad9d392beeee0a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27146
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48465
last-modified
Mon, 30 Jan 2023 05:24:05 GMT
server
cloudflare
etag
"63d75475-bd51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qfq6dRWKScgd921CJ0l%2BZxT84xnc8JDyEB%2FqZ4NUE68jb5369zFMop8aF66Z9Vg3nXfWGm3zBt%2B%2FNlCmxI1iwTijzBH%2FuUukjFSvyMaIy0Nu4Cm6Jznu5SOiaOqYL9aia8vIJZPLVjYaTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
791afe3658d6928d-FRA
expires
Tue, 30 Jan 2024 07:13:18 GMT
img_id=24792.jpg
www.9tv.co.il/download/pictures/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9tv.co.il/download/pictures/img_id=24792.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:e96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2a1eec148f3e7a4e2abb7567eac85f10e22bc746177e21e7dd2f18a39e231d9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Sat, 01 Jan 2022 13:54:31 GMT
server
cloudflare
age
4508
etag
"13ebbb1917ffd71:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
791afe36ac809142-FRA
content-length
298000
elektro.jpg
nep.detaly.co.il/wp-content/uploads/2023/01/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nep.detaly.co.il/wp-content/uploads/2023/01/elektro.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b72d740c7a68f565ebd0c160a68f98f6d32e22d63d922ceda741ac21f04d07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2584
cf-polished
origSize=104434, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99005
cf-bgj
imgq:100,h2pri
last-modified
Mon, 30 Jan 2023 07:33:12 GMT
server
cloudflare
etag
"63d772b8-197f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RXX4H5W62RkaaMRfoirMjSxxii13bIXxdBigxpk4LrMG%2BMqy%2FzSogC6hTGuBSE7XV5UNSucmj7Z2U7cCZU8UGu%2Fk3ZcfZOyc0zwfAq9VyLInbhcLC5yPWkavJBMHlR7C8i54niTd7uCXDzCV0OY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
791afe36eb52bbdf-FRA
expires
Wed, 01 Mar 2023 14:02:40 GMT
_128433686_m1abramtank.jpg
c.files.bbci.co.uk/10C19/production/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.files.bbci.co.uk/10C19/production/_128433686_m1abramtank.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:593::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
759a3bc931c92a8f76146408a36ee180634e46d3b75a5fc1db15506be10c1689

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
Tfp.XfR8228z_pGe7kOOtVb7PvGLduND
date
Mon, 30 Jan 2023 14:45:44 GMT
nel
{"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id
G6VX6PWP309A1WKQ
content-length
117196
x-amz-id-2
tcqjqEffvkmEb3pwswnos5c8m0Qi8fK5D/mhlDp91zLbGbl4cXU7HmeABbyOACEDfBcIYGVuRfM=
last-modified
Sat, 28 Jan 2023 07:22:37 GMT
server
AmazonS3
etag
"3e74b6d847250c697abb610de4a45479"
access-control-max-age
300
report-to
{"group":"default","max_age":3600,"endpoints":[{"url":"https://assets.bbc-reporting-api.app/report-endpoint","priority":1}],"include_subdomains":true}
content-type
image/jpeg
access-control-allow-origin
*
access-control-allow-methods
HEAD,GET
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
zahav.ru.1297439.js
jsc.idealmedia.io/z/a/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/z/a/zahav.ru.1297439.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
446b0bb9d49ccd632ebe9da2f9400d4a930063ebbdf257efdfd776060093b442

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
x-amz-version-id
AKmdXj0RPXREoZxcqvgJzNCaCjhRIpdm
cf-cache-status
HIT
x-amz-request-id
HGY6QZJVVTFYJWXA
age
2012
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1015
x-amz-id-2
UDIfV94zJGVkcopkvx3zo8GOLxmlHvMR2lNuP71HMToNdnOETR6sCVT8NpbMbPQ4ydEjlGl+vxw=
last-modified
Wed, 18 Jan 2023 10:21:07 GMT
server
cloudflare
etag
"2f99bbbdbf56b7798844ef8bbea7f0a6"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
791afe37094a9a0c-FRA
expires
Mon, 30 Jan 2023 17:45:44 GMT
d200_70.png
pogoda.co.il/img/pogoda/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/pogoda/d200_70.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd6cd8ff5c4eef0aa32d6417b205ab52786f996a08452f020e5ef21dbaff7f11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1676398
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3587
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"e03-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bn%2BRRPhPdvP7PGHMUquNJfArxn%2B2ZCsxrJvI3g4LF3M7fhQa4EKM7c5dbmVwKppt3DpU%2Fk6jU6s%2B1jOGWmIide5m%2BKgxndt7i66AzmBndF2H0dnL23AQsFXypIHZkmcePhqDYpaXY6IRsJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
791afe370fbb914c-FRA
expires
Fri, 10 Feb 2023 05:05:46 GMT
W.png
pogoda.co.il/img/ico/ 		485 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/ico/W.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e08db94c0edaeda58d9ec49280ba5cc53fb5419946848d6e773b0e4ad84c6ef3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
888110
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
485
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"1e5-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URx9YbDvlB4vHmmc9cXVGka2CxpFuZeeLOa8wvOfH%2Fos03NJWaGZTdXMnUyu3ZSjBq5spKf9vno7OSHCq2jW%2BUfQ74Hzrv0qxgJxoYUj02cRWf64TKI3UF85gSC4zHnnGDHN8ysFVYm3HeY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
791afe370fbd914c-FRA
expires
Sun, 19 Feb 2023 08:03:53 GMT
d100_70.png
pogoda.co.il/img/pogoda/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/pogoda/d100_70.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673cfa216f5ba0d28634c396c15255f3efc2c3c4e728f7fcb41b56407541cb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
360245
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3313
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"cf1-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htn1RZgX9E%2FWSPjg6J7h6JQ%2F%2FGKeYwVEviuLIpj1JCC4BuMkqISu9RS9NP1KDDl5Y%2FLdfjx4032kEer7TiKhwnDPNAK9wc6OWRIMYeOj5QqhkeJgf5A6A0e%2BoXBxZAxXfog94Dz6cha5UU8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
791afe370fbe914c-FRA
expires
Sat, 25 Feb 2023 10:37:19 GMT
d000_70.png
pogoda.co.il/img/pogoda/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/pogoda/d000_70.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:b6f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
347758
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2240
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"8c0-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzczQGke%2F2cOR3OBGw9gppx6C%2FObSRGp%2FRyHQDSwyBZj6DUdorr1TyPvUdnRZKjlU52mz7zsgohdxUk28med7%2BCDl%2F4d4uHaUGS4XV0uxevwM8q6%2BNQoUK22WAfbWiA9YofYVTfmMYfiw70%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
791afe370fbf914c-FRA
expires
Sat, 25 Feb 2023 14:09:46 GMT
446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
www.zahav.ru/public/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/446_1865aef0cf6839db2ebc_1865aef0cf6839db2ebc_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:51 GMT
content-encoding
gzip
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:41:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85673
etag
W/"2d69-185fdfa4b08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
6YZ3guZH4g4GOVPTr77Y5i-4oQFbW7NxtmEDrbFlMkWVMDunlcxDWA==
x-cached
MISS
462_52f29ea68702dc59c136_52f29ea68702dc59c136_walla.js
www.zahav.ru/public/ 		310 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/462_52f29ea68702dc59c136_52f29ea68702dc59c136_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
f619025fb256e348bb9addf8f86cd071cc9f7f078dc8909513e9990c2eae2123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:51 GMT
content-encoding
gzip
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:41:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85673
etag
W/"4d632-185fdfa4b08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
m-UOzUj56VMlq7F0TFoE-nIv1JNdp34EONBV9IkpIIfd3RgKmb0TLg==
x-cached
MISS
main_941e9cd3acd02641d912_941e9cd3acd02641d912_walla.js
www.zahav.ru/public/ 		1 MB
261 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/main_941e9cd3acd02641d912_941e9cd3acd02641d912_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
815a43a7007a92ee447a73a66cbc3930a5422a602adabed4490985cffbe69ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
content-encoding
gzip
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:41:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85675
etag
W/"123b0b-185fdfa4b08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
YEHUecrnKytiZVKxyLOSNOzlj77ZyBiCommtafFHzc7jDIvEKh9B4g==
x-cached
MISS
zahav_98b5d077b32f996d98be_98b5d077b32f996d98be_walla.js
www.zahav.ru/public/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/zahav_98b5d077b32f996d98be_98b5d077b32f996d98be_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
e895882e79690b5910522fc6d1355f697f4f3c30d2b5c92784a94512707ca1b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:51 GMT
content-encoding
gzip
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:41:57 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85673
etag
W/"192e0-185fdfa4b08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
PDc20hELv2ibDdQTku-N3fGTxLTtZwmBuwFq6wSyfoeOq83kcCibfw==
x-cached
MISS
pubads_impl_2023012501.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f368aa8ed1ff20a7f45f67285eb393b6b164a71826955217eaac1aa54c31980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 30 Jan 2023 14:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133524
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 09:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 14:35:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		235 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zahav.ru
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e55afb39855c447bf0795158c649933bd6bd19a472951e873f11c11c44e94a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:44 GMT
zahavru-prod.js
cdn.valuad.cloud/hb/ 		904 KB
245 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
26abbdba84dca7a5e4cfbcc8b3e82b19abc4c68262c7c97c4fdd892e35770073
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
last-modified
Tue, 24 Jan 2023 15:01:00 GMT
x-sp-metadata
HS256.CKjM354GEogBCiQxZDNiNDg0Zi1lYzQ1LTRiZGYtOWNjZS00YjI4NzRmNjY5ZTcQ+PLE+NXG+wIaBgiYsN+eBiINODAuMjU1LjEwLjIwMiiMsgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJDk5NjJkMjZiLTlmZmMtNGYyNC04ZDFiLTZmNjU1ZjNiM2RlNRijng8iGAgCEhRjZHMxNDUuZnI4Lmh3Y2RuLm5ldA==.R2r7DpdKuGVjojiQL8xC/m9bCPlx0LtjlfH1Elsoysc=
x-amz-request-id
tx000000000000068237de6-0063d69129-2b9ec190-fra1a
etag
"5a5ad1d6eddbe97edc1f9a0a03f8552d"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1675089944.dop149.fr8.t,1675089944.cds289.fr8.hn,1675089944.cds145.fr8.c
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
249635
gtm.js
www.googletagmanager.com/ 		188 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
430d49536fc7a50b6f64c596f88a723f8641638e5ff45f588fcf943bff7b6caf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64742
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 30 Jan 2023 14:45:44 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:5c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 02:57:12 GMT
content-encoding
gzip
via
1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
VIE50-P1
age
42512
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
gOxVry_b6zTdgSok7h80LWZFloazEgEQghRjRN9liqclCYa4AAm_jw==
expires
Tue, 31 Jan 2023 02:57:12 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		147 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=zahav.ru&domain=zahav.ru&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f89756e4d7e60af4f081d9ea1194de02563b4a6b122f69cd489b2da3a47b6b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
6
date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
609
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
122
x-served-by
cache-hhn-etou8220041-HHN
x-timer
S1675089944.215412,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 28 Jan 2023 14:35:34 GMT
currency
www.zahav.ru/ Frame 47B7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/currency
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
a620d0cc0e199b13300d4e785ec1a202189fcca6d647dff49611c5513cf419ad

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1903
cache-control
public, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 30 Jan 2023 14:14:17 GMT
etag
W/"481-zo0sWxMFAagrMqGut94XagQZ/A4"
server
openresty/1.15.8.1
vary
Accept-Encoding
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-id
qZl5GNeg02PvXF8f0EGbhnoafw4K5u6xy8OA6u5BpeE0tdO9z3ytIg==
x-amz-cf-pop
FRA2-C2
x-cache
Hit from cloudfront
x-cached
MISS
/
doska.zahav.ru/informer/ Frame 888A 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
a31ff7101ba5dd23109bc0e823f9048bab1673733ff40ba0b95470e04d7ba7b7

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2819
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Jan 2023 14:45:44 GMT
Expires
Mon, 30 Jan 2023 14:45:44 GMT
Last-Modified
Mon, 30 Jan 2023 14:41:18 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Server
openresty/1.19.9.1
Vary
Accept-Encoding
/
doska.zahav.ru/informer/ Frame D573 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
d13874f942f81c9379dee41da38647c629fac89c3af8e7336ce8621c3a88423e

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2804
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Jan 2023 14:45:44 GMT
Expires
Mon, 30 Jan 2023 14:45:44 GMT
Last-Modified
Mon, 30 Jan 2023 14:41:18 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Server
openresty/1.19.9.1
Vary
Accept-Encoding
iframe.php
date.zahav.ru/ Frame 46E4 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
da45946a8ab3fbe6e11cf2f7c211511855b751dff3c0a73f3768af44a4501e77

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1125
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 14:45:49 GMT
Expires
Sat, 31 Dec 2022 14:45:44 GMT
Keep-Alive
timeout=20
Last-Modified
Sat, 31 Dec 2022 14:45:44 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
iframe.php
date.zahav.ru/ Frame F3E6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
6f6d4ab5d63294b0d78c78d2a21099f6127e2ad2b54a81934422eb5dbd262d63

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
973
Content-Type
text/html; charset=utf-8
Date
Mon, 30 Jan 2023 14:45:49 GMT
Expires
Sat, 31 Dec 2022 14:45:44 GMT
Keep-Alive
timeout=20
Last-Modified
Sat, 31 Dec 2022 14:45:44 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
nginx
Vary
Accept-Encoding
outbrain.js
widgets.outbrain.com/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.85.96 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-85-96.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d4889ece5a73d54217985f05b6efb913c3677a2efce573e56f41a8d331ad93e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
last-modified
Mon, 30 Jan 2023 06:14:06 GMT
etag
"17-Mlvf3/sbrr/IcTfwZwcxSKvCVwg"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=14400
access-control-allow-credentials
false
x-traceid
7a787964dde2c6c5071d598ddc36a213
timing-allow-origin
*, *
content-length
75958
access-control-request-headers
X-OB-STG,X-OB-PRD
bbc_new.jpg
www.zahav.ru/public/zahav/images/ 		454 KB
455 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/images/bbc_new.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
9fe53095d8381a3ffa7042a8cf71204970cb81a0898c50345f821f5dc289ac3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:49 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85675
etag
W/"718f1-185fdf837c8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
465137
x-cached
MISS
x-amz-cf-id
XcCCJ4LyF_jAQR_Sseqcid06I3nZ3y6ozHCEQ9h3KxrduZZYA7AT0w==
wallaicons.woff
www.zahav.ru/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/font/fonticon/wallaicons.woff
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-62.fra2.r.cloudfront.net
Software
openresty/1.15.8.1 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 14:57:54 GMT
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
last-modified
Sun, 29 Jan 2023 14:39:41 GMT
server
openresty/1.15.8.1
x-amz-cf-pop
FRA2-C2
age
85670
etag
W/"3bdc-185fdf837c8"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
8ofiTn5H_3BhqD5ZPZVGDizNCMlRrQ5PTgc-HINsde2uhbnSCEAWIg==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=zahav.ru&p=%2F&u=8gHU-DimVUTDq1A78&d=zahav.ru&g=20047&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3377&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.zahav.ru%2F&b=511&t=BAjOcr7Hw-aDeilKaB5wGBfDbF_pF&V=139&i=zahav.ru%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%D0%B1%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D0%B5%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5&tz=0&sn=1&sv=Du9l4woRDzBCVH5t1C0caQv2snWQ&sd=1&im=067b2fff&_
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.26.19.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-26-19-24.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:44 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
widget-vertical-editable
freecurrencyrates.com/ru/ Frame 47B7 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freecurrencyrates.com/ru/widget-vertical-editable?iso=ILSUSDEURGBPCHFRUBUAH&df=1&p=FsphPQwN4&v=fits&source=fcr&width=300&width_title=0&firstrowvalue=1.00&thm=A6C9E2,FCFDFD,4297D7,5C9CCC,FFFFFF,C5DBEC,FCFDFD,2E6E9E,000000&title=%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&tzo=-120
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1f5fd667eebc8a4309e90831c59436b81a0a2c4acda9f91c76b87d1c706cbb53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
server
nginx/1.18.0
transfer-encoding
chunked
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/public/462_52f29ea68702dc59c136_52f29ea68702dc59c136_walla.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5e2dee576c2bdaa579ac52418cf08775594360d88718cd68e38d353d226183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27568
x-xss-protection
0
server
sffe
etag
"1467 / 631 of 1000 / last-modified: 1675080581"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 14:45:44 GMT
3489443-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/4/8/9/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/4/8/9/3489443-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
b9b89c796da75de112b90b085ebafaefb7849c10c076e7626720afec2f96a59b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:43:28 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
136
edge-cache-tag
264140916774022621108913835668798537551,163033824620003494124992686043896153512,d2bce9e04f88d43dd8350e859c701704
cache-tag
264140916774022621108913835668798537551,163033824620003494124992686043896153512,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
15492
x-request-id
24b8e6cd0142f26db7a37cb86ca0867d
x-served-by
cache-iad-kiad7000079-IAD
last-modified
Mon, 30 Jan 2023 14:43:29 GMT
server
cloudinary
x-timer
S1675089808.654373,VS0,VE756
etag
"11e311526149875e74d154efd7bbfb56"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
oVQF4mjzb_o437MUqsdLU9IX9MFj_YUeaIq4mveR_Bw_kSJWFzjDnQ==
x-cache-hits
0
3490776-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/9/0/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/9/0/3490776-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
34a81da6fd8dc8a3e218e500ad75692301d03b944738003b6087a06bc27fc938

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 16:34:30 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
79874
edge-cache-tag
317925373303244003774944687860365924064,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
317925373303244003774944687860365924064,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
2922
x-request-id
56bd306214dfd12a6be63ffe9949dda4
x-served-by
cache-iad-kiad7000115-IAD
last-modified
Sun, 29 Jan 2023 16:23:46 GMT
server
cloudinary
x-timer
S1675010071.631720,VS0,VE1
etag
"2fa8f245854b97ba94bf3340d96eb39b"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
u76DQi1VU8pCc4BorYNkzL1b95Q-3Ge65i_4gcDgIgaR3oKpsWWEwQ==
x-cache-hits
1
3175593-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/7/5/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/7/5/3175593-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
967cddb9245e13a557ee7093462f123736bb07553fd8e985c7edf4297729ac1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 04:33:16 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
36748
edge-cache-tag
109184397076902643499482407137193154211,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
109184397076902643499482407137193154211,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
16366
x-served-by
cache-iad-kjyo7100175-IAD
last-modified
Mon, 30 Jan 2023 04:33:04 GMT
server
cloudinary
x-timer
S1675053196.191674,VS0,VE1
etag
"b7d453647c92568933d851e0e7737a8c"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
mGHvEcEDERNV0O44bwPAbdvmhZ363QL1ToZB_i4uR_3DAxJ4nCL4jA==
x-cache-hits
1
3490318-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/9/0/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/4/9/0/3490318-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
e8297d8a88ce77efd81965995721f4be663fd6810b74d14ca32a621e742bb7e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:41:00 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
25484
edge-cache-tag
393793513541007249813016232686392545523,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
393793513541007249813016232686392545523,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
status
200 OK
x-cache
Hit from cloudfront
content-length
12534
x-request-id
d9ea54293d3925fc96df07c531707895
x-served-by
cache-iad-kjyo7100165-IAD
last-modified
Mon, 30 Jan 2023 07:41:01 GMT
server
cloudinary
x-timer
S1675064458.699239,VS0,VE3201
etag
"70f6884c007507ee80f4c0e6a2fa0811"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
K4-YgvQtoGz8byAF71nZf47ZOHFDrk4uVZ7EuMgf0qj5IqtacQTc9g==
x-cache-hits
0
3382462-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/8/2/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/8/2/3382462-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
f5b433c67070f4a50e7733fb83525ae178880c4f0ba990524871e48a2aec3b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 19:28:06 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
69458
edge-cache-tag
243316638110183967066172735656914713633,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
243316638110183967066172735656914713633,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
11592
x-served-by
cache-iad-kjyo7100138-IAD
last-modified
Sun, 31 Jul 2022 10:57:30 GMT
server
cloudinary
x-timer
S1675020487.752172,VS0,VE1
etag
"d862002fe571ea7cc0c8725c60ebcd77"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
M-YiC52CsBKo23YFFWVBQVrCRp6K25yTH2EE14M_qbRLOyXJ9hultg==
x-cache-hits
1
3350007-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/5/0/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/5/0/3350007-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
1a8ae2d94b5b43c4e82cccc842cf9aaf4ab76b9acc9affd8a1d1024eb7a6fb23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 04:34:18 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
36686
edge-cache-tag
256973710676931055017962715667968733754,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
256973710676931055017962715667968733754,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
7389
x-served-by
cache-iad-kjyo7100026-IAD
last-modified
Tue, 05 Jul 2022 03:21:45 GMT
server
cloudinary
x-timer
S1675053258.053844,VS0,VE1
etag
"196f5fbebb563791879b089dad1b8a8f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
gJstgbu9CVwpSFNkQPJt9__AsFFfjm65RPhxZLsGfnrO8jSEaKdILQ==
x-cache-hits
1
3338916-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/3/8/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/3/8/3338916-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
e1ab838c676369c7321008e3e8137bd18a8d9a339f699f5231e0818320f0798b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:19:03 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
26801
edge-cache-tag
156095127069223937268792945514006156628,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
cache-tag
156095127069223937268792945514006156628,212496020108147977840311483917559093332,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
5098
x-served-by
cache-lga21983-LGA
last-modified
Tue, 20 Dec 2022 07:49:50 GMT
server
cloudinary
x-timer
S1675063143.152014,VS0,VE64
etag
"86622b390c8814c5ed03e6a4b61ec933"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
2AGnifuZUDLmxLPYWejIiR4KpKw-37mIg2m0n_evkkZI_Lr6zi7KBw==
x-cache-hits
0
3074081-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/0/7/4/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/0/7/4/3074081-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-40.fra2.r.cloudfront.net
Software
cloudinary /
Resource Hash
8c395ccc5d2aca2935efc0437d36ef20dd13110dde5887db58bffc99ee330abe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 22:19:15 GMT
via
1.1 varnish, 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
59189
edge-cache-tag
194306358554915676526339412299210732537,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
cache-tag
194306358554915676526339412299210732537,284918326951630284351529302470151995623,d2bce9e04f88d43dd8350e859c701704
x-cache
Hit from cloudfront
content-length
2998
x-served-by
cache-iad-kjyo7100060-IAD
last-modified
Mon, 22 Aug 2022 18:44:58 GMT
server
cloudinary
x-timer
S1675030755.398165,VS0,VE132
etag
"751a21fd2a03b6175e319461a344263f"
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-amz-cf-id
IT5k79v8yWDzHHp7fFF07T90cihqoAIcznwru0ejlp6xsqK8cpDiDA==
x-cache-hits
0
zahav.ru.1297439.es6.js
jsc.idealmedia.io/z/a/ 		260 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdbbb01874491ed4f2e9ee1f946a6276778f90afb72cbda6e2afaf71d279992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
x-amz-version-id
OTDnRnEHjKG9BgywGUWdRIIwtd4k7Mps
cf-cache-status
HIT
x-amz-request-id
1RQARSCZ1ETHNDAY
age
4083
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78963
x-amz-id-2
nki+5nGyGqaCohSBt6KJhbecr5sIjdt2vAbc7G5a53hbQKqa3Fl+kdLHIt7Jo9VISXLjMxz9MUc=
last-modified
Wed, 18 Jan 2023 10:21:07 GMT
server
cloudflare
etag
"c0588b6a577e4f4fa1c2e6418a5b88fb"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
791afe391da39a0c-FRA
expires
Mon, 30 Jan 2023 17:45:44 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-103.fra2.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:33:39 GMT
content-encoding
br
via
1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
last-modified
Tue, 14 Dec 2021 15:30:51 GMT
server
nginx/1.20.0
x-amz-cf-pop
FRA2-C1
age
725
etag
W/"61b8b8ab-1090"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
zldeGrsgeLYhCZ2cl_yuxP-EFulQYWMK0dFX0hjWgEvNjp4PP00CpQ==
expires
Mon, 30 Jan 2023 15:33:39 GMT
fi_client.js
ecdn.firstimpression.io/ 		347 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
nginx/1.20.0 / PHP/8.0.14
Resource Hash
9e201a537dc59085df1aefdd0845148045056cc32d41f2ce4feeb2f309b85af0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:14 GMT
content-encoding
br
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Mon, 30 Jan 2023 14:07:14 UTC
server
nginx/1.20.0
x-amz-cf-pop
VIE50-C2
age
2310
x-powered-by
PHP/8.0.14
etag
W/"669e86ff4462c89530e239d4834df61d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yd8MPTI_Pa9a-QHV3sfPQ1fNvrnZfxX_DlMY6sg5RxggzzRvP31sxg==
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 30 Jan 2023 14:13:15 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1949
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Mon, 30 Jan 2023 16:13:15 GMT
widget.js
d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/ 		736 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-84-231.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 01:39:18 GMT
Via
1.1 8e4700eb43d0f5579f360cfc02e71fac.cloudfront.net (CloudFront)
Last-Modified
Thu, 01 Feb 2018 11:19:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
AMS1-C1
Age
1083987
ETag
"4d15062a4e2290d32a7e395b47be5382"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=29030400, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
736
X-Amz-Cf-Id
M6mlLCy4hnyiT_gpN0eDnqfs1jMJ0_erEHYAeFll9MlpeAZGzWRV8A==
il.png
freecurrencyrates.com/flags/24/ Frame 47B7 		587 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/il.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9e3c3c9dc24c88ba3faedd92493c57fffd88212868425c2d92895d7ee0fb1392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-24b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
587
expires
Thu, 31 Dec 2037 23:55:55 GMT
us.png
freecurrencyrates.com/flags/24/ Frame 47B7 		656 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/us.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Fri, 01 Jul 2016 20:43:46 GMT
server
nginx/1.18.0
etag
"5776d602-290"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
656
expires
Thu, 31 Dec 2037 23:55:55 GMT
eu.png
freecurrencyrates.com/flags/24/ Frame 47B7 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/eu.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f880ef6584845869e5d81b2960b8eb81ec470b88ea8859dd75a2ef80f56fe8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-38d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
909
expires
Thu, 31 Dec 2037 23:55:55 GMT
gb.png
freecurrencyrates.com/flags/24/ Frame 47B7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/gb.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-499"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1177
expires
Thu, 31 Dec 2037 23:55:55 GMT
ch.png
freecurrencyrates.com/flags/24/ Frame 47B7 		532 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/ch.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5618a1cdf82aad97f1c6240687b1707be691d2453d74a7a0234d62bf4bccd877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-214"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
532
expires
Thu, 31 Dec 2037 23:55:55 GMT
ru.png
freecurrencyrates.com/flags/24/ Frame 47B7 		403 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/ru.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-193"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
403
expires
Thu, 31 Dec 2037 23:55:55 GMT
ua.png
freecurrencyrates.com/flags/24/ Frame 47B7 		476 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/ua.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
70549240fea1a10a4c0ec5804693af68a23eeaaff15c9cd1883c0138c81847e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Fri, 01 Jul 2016 20:43:46 GMT
server
nginx/1.18.0
etag
"5776d602-1dc"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
476
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame 47B7 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e190a4d5edc1e768529b868e650ceea914c8329d7083c5af4c6b27045b10a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Regular.woff2
freecurrencyrates.com/font/roboto.googlefonts/ Frame 47B7 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://freecurrencyrates.com/font/roboto.googlefonts/Roboto-Regular.woff2
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f05b6f9877fc4a3f9b4587aba72a9c63c60ce1e26398993498187816366de818

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Sun, 03 Jul 2016 17:43:11 GMT
server
nginx/1.18.0
etag
"57794eaf-f0a4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
61604
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Medium.woff2
freecurrencyrates.com/font/roboto.googlefonts/ Frame 47B7 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://freecurrencyrates.com/font/roboto.googlefonts/Roboto-Medium.woff2
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e9817ff441c7044f2d126a3e12b02f624bd2fff669e3f6092d9c92324313df13

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Sun, 03 Jul 2016 17:43:11 GMT
server
nginx/1.18.0
etag
"57794eaf-f314"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
62228
expires
Thu, 31 Dec 2037 23:55:55 GMT
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
x-request-id
7980ad24-2d12-44cc-b096-f8993d79c8fb
x-vad-version
0.9.18

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
x-cloud-trace-context
06bc6176b499f008665a094bf4bcdffc
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.zahav.ru
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 30 Jan 2023 14:45:44 GMT
server
Google Frontend
x-cloud-trace-context
55f2c6746a33b3cf4d34e3fd2358b32e
x-request-id
undefined
iframe.css
date.zahav.ru/css/ Frame 46E4 		939 B
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/css/iframe.css?v=538
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Oct 2018 15:08:54 GMT
Server
nginx
ETag
"3ab-578e6bf8295fd-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
436
Expires
Thu, 25 Jan 2024 14:45:49 GMT
online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame 46E4 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Tue, 06 Feb 2018 06:51:18 GMT
Server
nginx
ETag
"5a795066-3f1"
Content-Type
image/png
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
1009
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_t8cjm6ier7.jpg
date.zahav.ru/photos/23/2423/7557423/ Frame 46E4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/23/2423/7557423/ts_t8cjm6ier7.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
7602af46dbc686701acde17199c5d8cf8db88f51eaf8c5abb397a8c0c4bf4fee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Tue, 27 Dec 2022 22:49:29 GMT
Server
nginx
ETag
"63ab7679-9ff"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2559
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_8zvtu23ymc.jpg
date.zahav.ru/photos/128/4128/3099128/ Frame 46E4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/128/4128/3099128/ts_8zvtu23ymc.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
5109dc682f0ced2c23a2b3bd0a77a4726911d53350ef393a759a23209a3eb6d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Sat, 16 Apr 2022 20:30:43 GMT
Server
nginx
ETag
"625b2773-8a9"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2217
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_sfxqbuayl5.jpg
date.zahav.ru/photos/173/4973/11174973/ Frame 46E4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/173/4973/11174973/ts_sfxqbuayl5.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
f8a649bc2a5ee786f2ea392281248d859e08a6fd8066e4bccff8f205bb9196ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Wed, 17 Aug 2022 02:02:58 GMT
Server
nginx
ETag
"62fc4c52-9b8"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2488
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_8290g5lo8g.jpg
date.zahav.ru/photos/107/4907/11774907/ Frame 46E4 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/107/4907/11774907/ts_8290g5lo8g.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
934d582c845d55243447cf870ad0e2a39892a7d692fedd758e31f6e1acdf960d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Mon, 12 Dec 2022 11:56:34 GMT
Server
nginx
ETag
"639716f2-9d6"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2518
Expires
Thu, 25 Jan 2024 14:45:49 GMT
14514407-cd87-4f82-b7bc-8dcf92a7ec9d
https://www.zahav.ru/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.zahav.ru/14514407-cd87-4f82-b7bc-8dcf92a7ec9d
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
4ee9fdb8-34d4-4e81-8e26-5a1935df5404
https://www.zahav.ru/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.zahav.ru/4ee9fdb8-34d4-4e81-8e26-5a1935df5404
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s07-in-f102.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:00:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Jan 2023 14:00:20 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.85.96 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-85-96.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Wed, 01 Mar 2023 14:45:44 GMT
date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1289731455&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zahav.ru%2F&ul=en-us&de=UTF-8&dt=zahav.ru%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%D0%B1%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D0%B5%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=25708014&gjid=1543966242&cid=1296710250.1675089945&tid=UA-4780630-1&_gid=239735314.1675089945&_r=1&_slc=1&gtm=2wg1p058RVJLV&z=1537638567
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
touchcarousel.css
doska.zahav.ru/css/touchcarousel/ Frame 888A 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"103e-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1107
three-d-skin.css
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame 888A 		2 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"9bb-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
jquery-1.8.3.min.js
doska.zahav.ru/js/ Frame 888A 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery-1.8.3.min.js
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"16dc5-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33433
jquery.touchcarousel-1.2.min.js
doska.zahav.ru/js/ Frame 888A 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery.touchcarousel-1.2.min.js?v=109
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"4e8e-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5279
thumb-b2edc12fc8ba0748dc7b08272e455045-web2.jpg
doska.zahav.ru/img/second-hand/2021-04/14/07/ Frame 888A 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2021-04/14/07/thumb-b2edc12fc8ba0748dc7b08272e455045-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
af0113554bc3983c2c432995ed8a4b40cfa2331aa3eb77ac2a89e5cdcfae6773

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:44 GMT
Last-Modified
Wed, 02 Jun 2021 15:19:17 GMT
Server
openresty/1.19.9.1
ETag
"60b7a175-2960"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10592
Expires
Wed, 01 Mar 2023 14:45:44 GMT
thumb-ba3acaca086f64402cdb2d27ce3b198c-web1.jpg
doska.zahav.ru/img/second-hand/2019-05/24/01/ Frame 888A 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2019-05/24/01/thumb-ba3acaca086f64402cdb2d27ce3b198c-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
3507fbb24135ec817de2ac6e5fd75d700aa8095981f5287c21a2d55b2160e3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:44 GMT
Last-Modified
Fri, 24 May 2019 10:06:12 GMT
Server
openresty/1.19.9.1
ETag
"5ce7c214-1a94"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6804
Expires
Wed, 01 Mar 2023 14:45:44 GMT
thumb-076772226dc947abb778436bf580ada1-web2.jpg
doska.zahav.ru/img/second-hand/2019-02/27/04/ Frame 888A 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2019-02/27/04/thumb-076772226dc947abb778436bf580ada1-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
41ce5a50db6ab9503b35a5c94e05c906523a5c9d70eb9dbe6fe46fc3cef403f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Wed, 27 Feb 2019 14:41:19 GMT
Server
openresty/1.19.9.1
ETag
"5c76a18f-1e9d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7837
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-4a7f4957aa1121d048f5bbfab7bef31a-web2.jpg
doska.zahav.ru/img/second-hand/2018-04/30/09/ Frame 888A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2018-04/30/09/thumb-4a7f4957aa1121d048f5bbfab7bef31a-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
387909e1bd44fb55a23ec3a07e75b801fbd9e4e8e8132cecaa2e074f18dc7efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Mon, 30 Apr 2018 18:10:39 GMT
Server
openresty/1.19.9.1
ETag
"5ae75c1f-26b7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9911
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-cda719e8a97f961043cd410cda6dcfa7-web2.jpg
doska.zahav.ru/img/second-hand/2022-11/16/01/ Frame 888A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-11/16/01/thumb-cda719e8a97f961043cd410cda6dcfa7-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
c4ac6eada3c5bc8a1b4aee17ae98da2a55190efe2271d5d57c74d6eee23b3945

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Wed, 16 Nov 2022 11:52:37 GMT
Server
openresty/1.19.9.1
ETag
"6374cf05-235f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9055
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-765e0ef677207a4a9f19f500e58f63cd-web1.jpg
doska.zahav.ru/img/second-hand/2022-11/06/07/ Frame 888A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-11/06/07/thumb-765e0ef677207a4a9f19f500e58f63cd-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
3262b600c151f33edc406fac71a8673f1f5b35bdbea22aa88309f55a5219420e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Sun, 06 Nov 2022 05:07:56 GMT
Server
openresty/1.19.9.1
ETag
"6367412c-2489"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9353
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-f81e2123ed7ae14d7de152ba5030bb27-web1.jpg
doska.zahav.ru/img/second-hand/2022-07/20/03/ Frame 888A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-07/20/03/thumb-f81e2123ed7ae14d7de152ba5030bb27-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
63414ba72dd1117e24ae0425d6396f77179f04fc67244d977fd6b73eb1fa520f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Wed, 20 Jul 2022 12:49:13 GMT
Server
openresty/1.19.9.1
ETag
"62d7f9c9-18bf"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6335
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-7446c669feb60c45828442011ed94701-web2.jpg
doska.zahav.ru/img/second-hand/2022-08/20/07/ Frame 888A 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-08/20/07/thumb-7446c669feb60c45828442011ed94701-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
550a53929eca38a6e4967aa9e78e6fcaa6db8d3516c1f79b764a340e9902e4eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Sat, 20 Aug 2022 04:58:02 GMT
Server
openresty/1.19.9.1
ETag
"630069da-16a7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5799
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-ccef9141ca0d7dc2b97f9585124a2d34-web1.jpg
doska.zahav.ru/img/second-hand/2022-02/11/07/ Frame 888A 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-02/11/07/thumb-ccef9141ca0d7dc2b97f9585124a2d34-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
e21c69355d1e2ee2509ba7cb8958a5a43833cb1531a285265082ba370206d50b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Fri, 11 Feb 2022 05:27:46 GMT
Server
openresty/1.19.9.1
ETag
"6205f3d2-1d3a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7482
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-5534b77875d4e78a466be1b4d2b03699-web2.jpg
doska.zahav.ru/img/second-hand/2022-08/27/12/ Frame 888A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-08/27/12/thumb-5534b77875d4e78a466be1b4d2b03699-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ec272e8159f7bcdcc7338c8711ef107b364a921829e21c7dcd4584f3366bdbb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Sat, 27 Aug 2022 09:52:35 GMT
Server
openresty/1.19.9.1
ETag
"6309e963-237d"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9085
Expires
Wed, 01 Mar 2023 14:45:45 GMT
widget.js
d221oziut8gs4d.cloudfront.net/ 		0
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d221oziut8gs4d.cloudfront.net/widget.js?id=19762624&secure&9306055
Requested by
Host: d2xerlamkztbb1.cloudfront.net
URL: https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-34.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:44 GMT
Content-Encoding
gzip
Via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C1
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
Connection
keep-alive
Content-Length
20
X-Amz-Cf-Id
hHBwu-y4W3n2Wt3jMK5L0m-gsEC0UhIuJjSge2jw4aKET0kjaQV5ZQ==
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-4780630-1&cid=1296710250.1675089945&jid=25708014&gjid=1543966242&_gid=239735314.1675089945&_u=YEBAAEAAAAAAACAAI~&z=947375052
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 30 Jan 2023 14:45:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4780630-1&cid=1296710250.1675089945&jid=25708014&_u=YEBAAEAAAAAAACAAI~&z=911927204
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4780630-1&cid=1296710250.1675089945&jid=25708014&_u=YEBAAEAAAAAAACAAI~&z=911927204
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.idealmedia.io/pv/ 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.idealmedia.io/pv/?scum=%3F0&scuw=%3F0&pv=5&cbuster=1675089944738198535026&uniqId=05772&lct=1674000000&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.zahav.ru&lu=https%3A%2F%2Fwww.zahav.ru%2F&sessionId=63d7d819-057dd&pageView=1&pvid=186032420a2922aadfb&site=798910&implVersion=11&dpr=1&tfre=943
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
791afe3ab9239a0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
d4da70a4-d1d7-421d-8159-3ff18e877de6
https://www.zahav.ru/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.zahav.ru/d4da70a4-d1d7-421d-8159-3ff18e877de6
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
spc_fi.php
cdn.firstimpression.io/delivery/ 		105 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6962&url=%2F&charset=UTF-8&ch=14&ref=www.zahav.ru&viewerId=null&referer=&_firid=11525135
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
aa1067fd888278fa338ef0c15a83e87a30f33e4105db96aa9caecb49826e9b09

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
18147
pragma
no-cache
server
Apache/2.4.38 (Debian)
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-amz-cf-id
Z3pf_2sK6tsMJY5BWExp8GhdtvckD8gmkSMtNxBlStQCU6NCn97wZg==
expires
0
iframe.css
date.zahav.ru/css/ Frame F3E6 		939 B
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/css/iframe.css?v=538
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jul 2020 07:11:49 GMT
Server
nginx
ETag
"3ab-5a9d4b4718cac-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
436
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_530v9mdfbg.jpg
date.zahav.ru/photos/127/527/1190527/ Frame F3E6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/127/527/1190527/ts_530v9mdfbg.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
df3478787b7f6d1bcf4e218d1b7d897e80d2234393e689f24758d91ff7c93957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Wed, 11 Jan 2023 08:28:46 GMT
Server
nginx
ETag
"63be733e-98c"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2444
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_sfxqbuayl5.jpg
date.zahav.ru/photos/173/4973/11174973/ Frame F3E6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/173/4973/11174973/ts_sfxqbuayl5.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
f8a649bc2a5ee786f2ea392281248d859e08a6fd8066e4bccff8f205bb9196ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Wed, 17 Aug 2022 02:02:58 GMT
Server
nginx
ETag
"62fc4c52-9b8"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2488
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_ulizvjpmoa.jpg
date.zahav.ru/photos/27/3627/10633627/ Frame F3E6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/27/3627/10633627/ts_ulizvjpmoa.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
f78b2b01b468c40416cad9530465f011f4e160bc9f5e43e271103bc997fda024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Tue, 10 May 2022 20:03:20 GMT
Server
nginx
ETag
"627ac508-ae4"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2788
Expires
Thu, 25 Jan 2024 14:45:49 GMT
ts_8290g5lo8g.jpg
date.zahav.ru/photos/107/4907/11774907/ Frame F3E6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/107/4907/11774907/ts_8290g5lo8g.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
dabltech.co.il
Software
nginx /
Resource Hash
934d582c845d55243447cf870ad0e2a39892a7d692fedd758e31f6e1acdf960d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Last-Modified
Mon, 12 Dec 2022 11:56:34 GMT
Server
nginx
ETag
"639716f2-9d6"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=20
Content-Length
2518
Expires
Thu, 25 Jan 2024 14:45:49 GMT
1
servicer.idealmedia.io/1297439/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1297439/1?scum=%3F0&scuw=%3F0&pv=5&cbuster=1675089944828897913719&uniqId=05772&lct=1674000000&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=581&cols=1&ref=&cxurl=https%3A%2F%2Fwww.zahav.ru&lu=https%3A%2F%2Fwww.zahav.ru%2F&sessionId=63d7d819-057dd&pageView=1&pvid=186032420a2922aadfb&implVersion=11&dpr=1&tfre=1034
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3095c4658de26e258543188c91bf856e2469171df712956f56a68dfc8d8f48ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
791afe3b5a459a0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
notOutbrain.js
widgets.outbrain.com/nanoWidget/2010113/module/ 		1 B
388 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010113/module/notOutbrain.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.85.96 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-85-96.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 30 Jan 2023 14:45:44 GMT
content-encoding
gzip
content-length
21
last-modified
Mon, 30 Jan 2023 06:13:01 GMT
server
AkamaiNetStorage
etag
"68b329da9893e34099c7d8ad5cb9c940:1675072363.998474"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 06 Feb 2023 14:45:44 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.85.96 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-85-96.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Wed, 01 Mar 2023 14:45:44 GMT
date
Mon, 30 Jan 2023 14:45:44 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
access-control-request-headers
X-OB-STG,X-OB-PRD
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxLzM2NmZmZWJiMzgxMDVlYzBiMjlhNDRkN2YxY2MxOTZjLmpwZWc.webp
s-img.idealmedia.io/n/10301388/492x277/0x0x508x286/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10301388/492x277/0x0x508x286/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxLzM2NmZmZWJiMzgxMDVlYzBiMjlhNDRkN2YxY2MxOTZjLmpwZWc.webp?v=1675089944-mJUjNQzDIFVERj7TDn78r4vzZ0y0RppBD5Frggw7F0I
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf750829742aa8cd9387879d3ccb2c9b21af853141c2b44f40faf5430301016e

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 14:14:08 GMT
x-mg-request-uuid
a42f794a-8a5c-4154-8e32-a720aa2f6863
server
cloudflare
age
83964
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3bdd7c6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8724
expires
Mon, 30 Jan 2023 15:26:20 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvNTUyMDAxLzJmNzg0NjUyN2UzYThkODEzMGE1MjczYzg2OGM1NGUyLnBuZw.webp
s-img.idealmedia.io/n/10275513/492x277/0x0x636x358/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10275513/492x277/0x0x636x358/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvNTUyMDAxLzJmNzg0NjUyN2UzYThkODEzMGE1MjczYzg2OGM1NGUyLnBuZw.webp?v=1675089944-4za2I5iRBSgpNXZSPaNoIjeKmbCskALbzJGpSQ_bszc
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8d758dc761d10f639c836ee2f40e12c88ecc593216095965db7fe87101c808

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 18:24:08 GMT
x-mg-request-uuid
e3499e6a-70a3-40b9-b92c-559328d0290f
server
cloudflare
age
10677
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3bdd7d6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12238
expires
Tue, 31 Jan 2023 11:47:47 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxL2RmMjU2NTg5MDIwNDI4ZDNmYTZhNTc3M2IzOWNjMDZmLmpwZWc.webp
s-img.idealmedia.io/n/10318301/492x277/73x0x508x286/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10318301/492x277/73x0x508x286/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxL2RmMjU2NTg5MDIwNDI4ZDNmYTZhNTc3M2IzOWNjMDZmLmpwZWc.webp?v=1675089944-4OH0K-PdJc94DTZ6XYaIIuV0HEpNz888iP6qRMsnPiU
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e575f269cf78bfd89ea84a3e54b7b0faf445f055ee49364851e2eec58fa11b

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Dec 2022 11:23:55 GMT
x-mg-request-uuid
3d9148b9-b403-40b7-9c88-bc8641b3928e
server
cloudflare
age
10677
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3bdd7e6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16760
expires
Tue, 31 Jan 2023 11:47:47 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxLzUwMDM2NGE3MDI3MjA5MmYxMDdlYjUyY2ZiMTAxMDBiLmpwZWc.webp
s-img.idealmedia.io/n/10321682/492x277/36x0x565x318/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10321682/492x277/36x0x565x318/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxLzUwMDM2NGE3MDI3MjA5MmYxMDdlYjUyY2ZiMTAxMDBiLmpwZWc.webp?v=1675089944-rxK69GvaxqwOHM328W9iSogUMGg1ZOihX5lIQVyBcJE
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0991eeea3d3acc9936962e6b63bdd1086957405866048eb56368169e4fb101b

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
last-modified
Tue, 27 Dec 2022 08:34:12 GMT
x-mg-request-uuid
42ff873b-4656-48a3-b459-267f369903e4
server
cloudflare
age
40054
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3bdd816993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23012
expires
Tue, 31 Jan 2023 03:38:10 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxLzFiZGI5YWRlMDNjYWNkZTU3YzBiMDFmOTY0OGIyZmRlLmpwZWc.webp
s-img.idealmedia.io/n/10325369/492x277/0x0x601x338/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10325369/492x277/0x0x601x338/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTIvNTUyMDAxLzFiZGI5YWRlMDNjYWNkZTU3YzBiMDFmOTY0OGIyZmRlLmpwZWc.webp?v=1675089944-lPmUG6L0vpeFTamFz-cVZphOAnOwasXn-BRpeZGqgHE
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7ca9eb78a6cdf21fd7619300b48056a6ae7e4729b35c3450281c0b74a046fef

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
last-modified
Thu, 29 Dec 2022 15:04:10 GMT
x-mg-request-uuid
a2a93684-1a2d-422f-9abc-00c3bf260094
server
cloudflare
age
11013
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3bdd836993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21286
expires
Tue, 31 Jan 2023 11:42:11 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNTUyMDAxLzM4NTQ0ZWU3MjQ2Yjc2YmYxM2Q0YWRhZmM2OTkzOWM4LmpwZWc.webp
s-img.idealmedia.io/n/10124074/492x277/0x18x533x300/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10124074/492x277/0x18x533x300/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNTUyMDAxLzM4NTQ0ZWU3MjQ2Yjc2YmYxM2Q0YWRhZmM2OTkzOWM4LmpwZWc.webp?v=1675089944-1EhhqWgTG-ArTuL6-iyH9-zv1WjqgiX_gYT5izYOV90
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04234a27aa4ef2202362cf1487be3930cecb13e7b029ec342ae94bc0fdfed03

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
last-modified
Mon, 03 Oct 2022 15:14:32 GMT
x-mg-request-uuid
fc1268a7-545e-49ea-9c22-d3677f2d0024
server
cloudflare
age
53843
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3bdd846993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6598
expires
Mon, 30 Jan 2023 23:48:21 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvNTUyMDAxLzdlNTU0MTUwYzVmZTQ4YjEzYWQ4ZGUxODAyZGVjZmFhLmpwZWc.webp
s-img.idealmedia.io/n/10263871/492x277/0x0x600x337/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10263871/492x277/0x0x600x337/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvNTUyMDAxLzdlNTU0MTUwYzVmZTQ4YjEzYWQ4ZGUxODAyZGVjZmFhLmpwZWc.webp?v=1675089944-OWqYuRiw5cff7K2IzEx_jyhxM6bQPPKFmF_QM6e5E0I
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d15886eceaf71a6b4a691e5366e677d6bdbb3a9dca94c1ae518666160506aee

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Nov 2022 11:13:49 GMT
x-mg-request-uuid
589be083-c485-46ee-a524-e06e4e1b1ac5
server
cloudflare
age
68313
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3c0dc36993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10802
expires
Mon, 30 Jan 2023 19:47:11 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvNzA2ODQwLzM3NWQxM2EyNjhhMGFlOGJkNTFlZGNkYzVmMTFlOWViLnBuZw.webp
s-img.idealmedia.io/n/10359243/492x277/14x0x554x311/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10359243/492x277/14x0x554x311/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjMtMDEvNzA2ODQwLzM3NWQxM2EyNjhhMGFlOGJkNTFlZGNkYzVmMTFlOWViLnBuZw.webp?v=1675089944-KpQN4l6W52e3ocCmQbgRuh2JzELrStGbACFJeaxScXo
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235c69e161bf3f373466079227fe2e7d73d7c9756a0993cfee427f6ba46d63e7

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Jan 2023 14:44:11 GMT
x-mg-request-uuid
9d7f3bc3-dd35-4c9f-a20c-c00686853407
server
cloudflare
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
791afe3c0dc56993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19658
expires
Tue, 31 Jan 2023 14:45:45 GMT
get
odb.outbrain.com/utils/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=0&rand=99478&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&adblck=false&abwl=false&px=0&py=15&vpd=0&cw=1600&activeTab=true&ab=0&wl=0&settings=true&recs=true&version=2010113&sig=k1NsLSX2&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.zahav.ru%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf46b9a4f4b3060d7f7764a646baf89be53db81ac9e84963479dbdde490725e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1675089945.953531,VS0,VE120
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21935-LGA, cache-vie6331-VIE
x-traceid
e7e149c0aa492f47cfd0536025573e9f
accept-ranges
bytes
content-length
924
expires
Thu, 01 Jan 1970 00:00:00 GMT
counter.php
autocounter.idealmedia.io/autocreative/ 		0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=798910&pid=64786&referer=&cxurl=https://www.zahav.ru&undefinedh2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&cbuster=1675089944904743180164
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
791afe3bcb269a0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type
image/gif
i.js
cm.idealmedia.io/ 		0
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i.js?&cbuster=1675089944905191096659
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Jan 2023 14:45:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
791afe3bcb229a0c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
i-noref.js
cm.idealmedia.io/ Frame FC60 		0
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=1675089944912686652047
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:dd4a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:44 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Jan 2023 14:45:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
791afe3c0ada6951-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 		227 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.84.208 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-84-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
last-modified
Fri, 23 Sep 2022 12:15:31 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=105702
accept-ranges
bytes
content-length
73257
expires
Tue, 31 Jan 2023 20:07:27 GMT
/
tag.escalated.io/ 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.zahav.ru&type=display&cust=6962&sid=direct&c=&cust2=direct
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
5b8df9ca9d91dbde345c3da756f87adf40404e4cdbf74d436f09b37231a08274
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 24 Jan 2023 16:01:27 GMT
Server
Apache
ETag
"134a3-5f304a0d0a3c0"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
30406
X-XSS-Protection
1; mode=block
prebidamp.js
ecdn.firstimpression.io/static/js/ 		288 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
db96082ab0c3ebb2a2ad65bf2ef851ae196a45930bfb1bf1f6a62e66fa6cb15e

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:14 GMT
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2310
etag
"480ea-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
xpNhklIbmURP-v8nh5SRHCZNFx3heA7ePDHKLgs4LQieyoquA9KdMA==
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Jan 2023 14:45:44 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
30060
x-jsd-version
1.15.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8852
x-served-by
cache-fra-eddf8230082-FRA
x-jsd-version-type
version
etag
W/"6658-uUC6DsKFQz3nsj0JP3lp528lwJQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 9AC0 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
486aba993e2ef444f041fd00b4a92a7793fbbcf1ef0c77fd4db43525ab82bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:15 GMT
content-encoding
gzip
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2309
etag
"1b9a6-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
36388
x-amz-cf-id
89bwxqnht1vF9P3_DvigV3GbFORkpfo4y4IC1kArlCP50jaD2Oidcg==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame EBD4 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
486aba993e2ef444f041fd00b4a92a7793fbbcf1ef0c77fd4db43525ab82bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:15 GMT
content-encoding
gzip
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2310
etag
"1b9a6-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
36388
x-amz-cf-id
yHzTgmB9Rko3usQMam4BPGZSoXMzGOJMe2BKuem5v3dtGPf10Mhauw==
touchcarousel.css
doska.zahav.ru/css/touchcarousel/ Frame D573 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"103e-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1107
three-d-skin.css
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame D573 		2 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"9bb-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
jquery-1.8.3.min.js
doska.zahav.ru/js/ Frame D573 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery-1.8.3.min.js
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"16dc5-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33433
jquery.touchcarousel-1.2.min.js
doska.zahav.ru/js/ Frame D573 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery.touchcarousel-1.2.min.js?v=109
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"4e8e-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5279
thumb-vabf1foyzy726596dnx5r933jjkik5v5-web1.jpg
doska.zahav.ru/img/second-hand/2020-09/26/01/ Frame D573 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2020-09/26/01/thumb-vabf1foyzy726596dnx5r933jjkik5v5-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
810c2f4d788fbb9c2d4ce33f11faaf1a3f893f613129d60e804701519bc5895d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Sat, 26 Sep 2020 14:20:09 GMT
Server
openresty/1.19.9.1
ETag
"5f6f4e19-2068"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8296
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-d859d06f5dc2a5965a01f27ff65c9cd1-web1.jpg
doska.zahav.ru/img/second-hand/2015-12/14/03/ Frame D573 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2015-12/14/03/thumb-d859d06f5dc2a5965a01f27ff65c9cd1-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
57fd6c43200b7365f2919217ec479ddd935dcd9f43cb8615e57582ac70adf492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Mon, 14 Dec 2015 13:56:54 GMT
Server
openresty/1.19.9.1
ETag
"566ecaa6-1b82"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7042
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-c1e671133b3778adbee8be3416de22fb-web2.jpg
doska.zahav.ru/img/second-hand/2022-07/20/03/ Frame D573 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-07/20/03/thumb-c1e671133b3778adbee8be3416de22fb-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
61535930a32aa50421b6ae00b53f8c0508945b3d1edf09a2c3ddc0768e318249

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Wed, 20 Jul 2022 12:35:25 GMT
Server
openresty/1.19.9.1
ETag
"62d7f68d-18cd"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6349
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-da2d68610f80f864cc442f4db36134d4-web2.jpg
doska.zahav.ru/img/second-hand/2019-08/06/12/ Frame D573 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2019-08/06/12/thumb-da2d68610f80f864cc442f4db36134d4-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
2da83c245bae0df1dc1fecb7722914590da24e7eb646499ad48950f8ce4cfefd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Thu, 17 Feb 2022 14:07:26 GMT
Server
openresty/1.19.9.1
ETag
"620e569e-1944"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6468
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-0c62291d2526b9950f139c7dfb3f3400-web1.jpg
doska.zahav.ru/img/second-hand/2022-12/21/01/ Frame D573 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-12/21/01/thumb-0c62291d2526b9950f139c7dfb3f3400-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
adb8d414163a26f8b38a7e40195c2c6d3df2681c41ee628c1dfec9552cd87a9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Wed, 21 Dec 2022 11:27:03 GMT
Server
openresty/1.19.9.1
ETag
"63a2ed87-2755"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10069
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-66492494df2e4bd18046eebb98b3d63a-web1.jpg
doska.zahav.ru/img/second-hand/2023-01/26/07/ Frame D573 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-01/26/07/thumb-66492494df2e4bd18046eebb98b3d63a-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ec3f68c2b1e10acdfc6f1016a92486c277d3bd573f1b9a80c89d1d2b226f348c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Thu, 26 Jan 2023 05:15:21 GMT
Server
openresty/1.19.9.1
ETag
"63d20c69-1cb8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7352
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-032eb3d151c1b7b560a57190141124e7-web1.jpg
doska.zahav.ru/img/second-hand/2020-01/23/09/ Frame D573 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2020-01/23/09/thumb-032eb3d151c1b7b560a57190141124e7-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
50bfb8f22ed911a509bbd506390c9c6b57360913c7b58288e4105138b6f96ffa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Thu, 23 Jan 2020 07:08:44 GMT
Server
openresty/1.19.9.1
ETag
"5e29467c-1a3f"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6719
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-dmd2fsvn7d8xcdpwhcpgk9o8h3jsmjae-web2.jpg
doska.zahav.ru/img/second-hand/2022-06/28/07/ Frame D573 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-06/28/07/thumb-dmd2fsvn7d8xcdpwhcpgk9o8h3jsmjae-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
bac5662f4ad8d16fb814c4342ef93a7e8063b08bb95401348037f7aad0c64235

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Tue, 28 Jun 2022 05:23:16 GMT
Server
openresty/1.19.9.1
ETag
"62ba9044-1a30"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6704
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-55f1ea92bf270c278399d02b3033c9fe-web1.jpg
doska.zahav.ru/img/second-hand/2021-01/19/12/ Frame D573 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2021-01/19/12/thumb-55f1ea92bf270c278399d02b3033c9fe-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
f482d4a31c7d062ab15f0a3d0a7289d4eb1699ddb2ed8e5054c08db12757bb2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Mon, 18 Jan 2021 22:55:44 GMT
Server
openresty/1.19.9.1
ETag
"600611f0-23d7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9175
Expires
Wed, 01 Mar 2023 14:45:45 GMT
thumb-76692f2e7aa76aa35740e1b27f783e60-web1.jpg
doska.zahav.ru/img/second-hand/2022-05/02/08/ Frame D573 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-05/02/08/thumb-76692f2e7aa76aa35740e1b27f783e60-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
71aa8464d599e368610cb86981ab30d4607eda5fb00bf25e4b4bbab00de9583c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Mon, 02 May 2022 05:40:54 GMT
Server
openresty/1.19.9.1
ETag
"626f6ee6-1e0e"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7694
Expires
Wed, 01 Mar 2023 14:45:45 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 9AC0 		288 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
db96082ab0c3ebb2a2ad65bf2ef851ae196a45930bfb1bf1f6a62e66fa6cb15e

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:14 GMT
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2311
etag
"480ea-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
BXihOHno0bCjfat9eEQleudAb_QrOKJHcEq7MrAn32tIjfx-TWcNfA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9AC0 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
015a88f91a3b4485fe6e25000a128d17e5685ab906567a2f916f615043582c93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27624
x-xss-protection
0
server
sffe
etag
"1467 / 20 of 1000 / last-modified: 1675080452"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 14:45:45 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=1535926b8054c6b05e98faa50b5cfbb5_73087_1675089945023&tm=267&eT=6&wRV=2010113&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:45 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
2f57f617152b6f53603e9f96da3f047d
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=1&rand=26854&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&t=MTUzNTkyNmI4MDU0YzZiMDVlOThmYWE1MGI1Y2ZiYjU=&adblck=false&abwl=false&px=985&py=2634&vpd=1434&cw=300&activeTab=true&ab=0&wl=0&settings=true&recs=true&version=2010113&sig=k1NsLSX2&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.zahav.ru%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7a069c6337f9a790bdf963db3fcd635c3b1733d6c6b0930bf8a912057147b5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1675089945.135398,VS0,VE248
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21963-LGA, cache-vie6331-VIE
x-traceid
05ef033ac4b76e2a4588b0bf82633324
accept-ranges
bytes
content-length
8001
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
lg.php
cdn.firstimpression.io/delivery/ Frame 9AC0 		1 B
444 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=97069%7C97071%7C97072%7C97073%7C97074%7C101157&campaignid=9%7C7%7C11%7C16%7C18%7C34&zoneid=114913%7C114913%7C114913%7C114913%7C114913%7C114913
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
Apache/2.4.38 (Debian)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
mO5xmck-Tf0Nr5YX8OSE1UjRjnB4IZi-bnCdqLSh_94MQtZ_Urz97w==
expires
0
v1
tracking1.firstimpression.io/habit/ Frame 9AC0 		2 B
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9AC0 		256 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=15&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a26&tk_flint=pbjs_lite_v6.23.0-FI&x_source.tid=3221f054-8162-4422-b36d-b4a73087bb31&l_pb_bid_id=207df584a89701&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.395688431406946
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0d0974a6bd224080f91a59d02c850a51c48ce6603b5098ad08ebb3aa54d32692

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
256
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ Frame 9AC0 		36 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=711593&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22317361d434e5b7%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0-FI%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224b40d4549c8106%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22711593%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%226962%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dee00c9b171facf3e8508984a8d324f6fcfd5d7b9458b8733ae046d524567dc

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dXXQ%2BNNUeiiTOqwa7jPvI%2BzawStGPrrOn2hQtj6h%2BT10mRM%2FpXbbiTi8TM529r0t3zxibEDyHu6XIE1hmLoSJqNhNm08Do%2FGHAeqiP577pDbOm0GoEVi4bODODAtWkI1Zthab0mt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
791afe3dbb6a91e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame 9AC0 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Mon, 30 Jan 2023 14:45:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 9AC0 		143 B
948 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
96ee4af1a80bfca826121f15f56b50d47f94f5c3bfe78a430f6535e98e7d39be
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:45 GMT
AN-X-Request-Uuid
f8c6781d-2546-42bb-894c-7d93ccf14291
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
firstimpression-d.openx.net/w/1.0/ Frame 9AC0 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3221f054-8162-4422-b36d-b4a73087bb31&nocache=1675089945195&schain=1.0%2C1!firstimpression.io%2C6962%2C1%2C%2C%2C&aus=300x250&divids=fiInstance_114913_0_796338056276903_unit&aucs=&auid=545675741&aumfs=50
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d9831493a77bdfb3bb5534ffa1a0cf9771e089a187598b55d60da03bfcff059e

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
post
tag.escalated.io/ 		31 B
464 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tag.escalated.io/post
Requested by
Host: tag.escalated.io
URL: https://tag.escalated.io/?i=KxxajmhPPCsT&d=www.zahav.ru&type=display&cust=6962&sid=direct&c=&cust2=direct
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.253.158 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-253-158.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4f4db957340b18ded839648a36bf4271d7edf963930b53aac7351b0a936a1408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
close
Access-Control-Allow-Headers
content-type
Content-Length
51
X-XSS-Protection
1; mode=block
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame EBD4 		288 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
db96082ab0c3ebb2a2ad65bf2ef851ae196a45930bfb1bf1f6a62e66fa6cb15e

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:14 GMT
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2311
etag
"480ea-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
e8x_OoZxFyK87h-VVQqUE2LzwD-mBTmjEJnQTC-ghL3rz3hHEe2_QQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EBD4 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f420d5b6a967dcd39bb20d47407995e9201eda77741d52f5f18fe9ba6516159
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27568
x-xss-protection
0
server
sffe
etag
"1467 / 282 of 1000 / last-modified: 1675080581"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 14:45:45 GMT
pubads_impl_2023011901.js
securepubads.g.doubleclick.net/gpt/ Frame 9AC0 		385 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 02:33:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303151
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133253
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 09:34:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Jan 2024 02:33:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 9AC0 		235 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e55afb39855c447bf0795158c649933bd6bd19a472951e873f11c11c44e94a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:45 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame EBD4 		1 B
444 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=104987%7C104988%7C104989%7C104990%7C104991%7C104992&campaignid=9%7C11%7C16%7C18%7C34%7C44&zoneid=115746%7C115746%7C115746%7C115746%7C115746%7C115746
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
Apache/2.4.38 (Debian)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
GexSH5nGOVwDNZeDWpZloVDH3ScDbuxYh6q7S_QvZ2cxuBnSfi0Y6Q==
expires
0
v1
tracking1.firstimpression.io/habit/ Frame EBD4 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
mvo
tag.1rx.io/rmp/212993/0/ Frame EBD4 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/212993/0/mvo?z=1r&hbv=6.23.0-FI,2.1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EBD4 		256 B
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=15&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a51&tk_flint=pbjs_lite_v6.23.0-FI&x_source.tid=5c4dd389-f5a3-4b74-80c6-a0980120c983&l_pb_bid_id=43aa599c0c90b8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8153899310540587
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b09ca74ae6b15bdd16dd533dadd3ffbe24c7b24a9ca595fee2a631a46a333e38

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
256
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
firstimpression-d.openx.net/w/1.0/ Frame EBD4 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5c4dd389-f5a3-4b74-80c6-a0980120c983&nocache=1675089945260&schain=1.0%2C1!firstimpression.io%2C6962%2C1%2C%2C%2C&aus=300x250&divids=fiInstance_115746_0_796338056276903_unit&aucs=&auid=558423535
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0f37ad305645ca8e3e7844c03751cb10c6184ad8d15a32ff8b36020037a7a7fc

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EBD4 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Mon, 30 Jan 2023 14:45:44 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame EBD4 		139 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4faceeee99bbe3032660caca806efda13ae2b6b99ead443d8b0a11ed19b1a0b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:45 GMT
AN-X-Request-Uuid
92717f87-11a1-4a55-8d89-9a89c5ad32e0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
lg.php
cdn.firstimpression.io/delivery/ 		1 B
453 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=105195&campaignid=949&zoneid=115822&dt=1&_fiid=A7&cb=19674212
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
Apache/2.4.38 (Debian)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
zB3Xk3ekWD4GafRoBtS3CFL5OZ7VdOQpXpz0_rX8kALYvhlinXgsEg==
expires
0
pubads_impl_2023012501.js
securepubads.g.doubleclick.net/gpt/ Frame EBD4 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f368aa8ed1ff20a7f45f67285eb393b6b164a71826955217eaac1aa54c31980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
625
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133524
x-xss-protection
0
last-modified
Wed, 25 Jan 2023 09:36:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 30 Jan 2024 14:35:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame EBD4 		235 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e55afb39855c447bf0795158c649933bd6bd19a472951e873f11c11c44e94a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:45 GMT
grab.png
doska.zahav.ru/css/touchcarousel/ Frame D573 		99 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/css/touchcarousel/grab.png
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"63-5a7176818d1c9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99
sprite.png
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame D573 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/css/touchcarousel/three-d-skin/sprite.png
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
6c02b4d4daf27fa92211062a42b8d7dd83e3990d80aee07fdfe7b4f6ea093688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"a04-5a7176818d1c9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2564
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.85.96 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-85-96.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Wed, 01 Mar 2023 14:45:45 GMT
date
Mon, 30 Jan 2023 14:45:45 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=244b6bb6c45cb4def97894ee1181dcdf_73087_1675089945328&tm=541&eT=0&widgetWidth=300&widgetHeight=193&widgetX=985&widgetY=2628&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=267&oo=true&lo=1131&odbreq=1417&odbres=1684&cet=4g&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:45 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
804eda4fa88c0db0a1329073a9d2d766
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
streamFeed.js
widgets.outbrain.com/nanoWidget/2010113/module/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2010113/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.85.96 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-85-96.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
912e6379f70f24452c47c9308754448d3e0c2e8c5222d3f71df43cf3a69dd8f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
content-length
13252
last-modified
Mon, 30 Jan 2023 06:13:01 GMT
server
AkamaiNetStorage
etag
"6585eb06199fbc8545a570f6dc559092:1675072383.757712"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Mon, 06 Feb 2023 14:45:45 GMT
get
odb.outbrain.com/utils/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=2&rand=44515&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&t=MTUzNTkyNmI4MDU0YzZiMDVlOThmYWE1MGI1Y2ZiYjU=&adblck=false&abwl=false&px=490&py=1552&vpd=352&cw=480&activeTab=true&ab=0&wl=0&settings=true&recs=true&version=2010113&sig=k1NsLSX2&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.zahav.ru%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9919cbad15cf23965ada00055e208b5a56f58ae24a2cebde59d94a862dc0132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1675089945.409098,VS0,VE292
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21949-LGA, cache-vie6331-VIE
x-traceid
59ac33179f1fc5a6f9112fcc0db1b203
accept-ranges
bytes
content-length
10262
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6IjAwNzQwMTAzZWJjZDQxNzQxMjI1NDk1YWZjYzIxNjYxMDRmM2E5MzdiOTM3ODgxMTU1NWUwNjljZWY1ZjVjMzkiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjAwNzQwMTAzZWJjZDQxNzQxMjI1NDk1YWZjYzIxNjYxMDRmM2E5MzdiOTM3ODgxMTU1NWUwNjljZWY1ZjVjMzkiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db67b567b8dffaf33669c47a96a42d1a19cb7f99037fad1f3bad96780eb7efba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
last-modified
Sat, 07 Jan 2023 23:16:32 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1770956
access-control-allow-credentials
false
x-traceid
28dd838192bfe8b85214e5cf9843bcbb
timing-allow-origin
*, *
content-length
6644
eyJpdSI6Ijk1MTA5OTNmNDQ4NDk4YzU3ZDk3NjM1OGMxZWM2ZDYxYTJmOTBiNDc3Njg5ZGUwOTNkYmIxNDhkMWVhNmIyM2YiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijk1MTA5OTNmNDQ4NDk4YzU3ZDk3NjM1OGMxZWM2ZDYxYTJmOTBiNDc3Njg5ZGUwOTNkYmIxNDhkMWVhNmIyM2YiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
74a96bd51a611af61006e99313be644fefbae9c222bbdcd22624e0f35eaf1d88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
last-modified
Mon, 23 Jan 2023 13:22:47 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*, *
cache-control
max-age=2276675
access-control-allow-credentials
false
x-traceid
51767845652db83fc03ebf1d13c15e9f
timing-allow-origin
*, *
content-length
7852
outbid
outbid.firstimpression.io/v1/ Frame EBD4 		204 B
478 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
25d810c8362ddc40819717eae08193e2f828a72b4092a26fa386d8d4fccfa66b

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
204
x-amz-cf-id
TFIt9UhgA9OUv4X6y9wruLj9B3hCmb3DIeN2LmU7xlaxSPWhY-Cy-g==
outbid
outbid.firstimpression.io/v1/ Frame 9AC0 		169 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
b8a25da5e29dff3161cc813b321ca4375e5ae6d494be64b757c0d3f56d03655c

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
169
x-amz-cf-id
DxlDcVrf0q9EuDZJkXhwE2hk8TaiCSrB-izMcK1j-A6MdqwgCfJaGg==
get
mv.outbrain.com/Multivac/api/ 		64 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.zahav.ru%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2010113&apv=true&sig=k1NsLSX2&format=html&rand=84845&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MTUzNTkyNmI4MDU0YzZiMDVlOThmYWE1MGI1Y2ZiYjU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=no_abtest&layeredTestInfo=12475-0-&dpr=1&cw=300&activeTab=true&ogn=https%3A%2F%2Fwww.zahav.ru%2F&chs=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2010113/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fb5857c3180220bb1180d35b01729d4fc0055050b78d2270dc09b84b9ad65fbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1675089946.508249,VS0,VE791
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21982-LGA, cache-vie6331-VIE
x-traceid
ee1aeca1694a6af220d97c82e6eb2c1d
accept-ranges
bytes
content-length
15981
expires
Thu, 01 Jan 1970 00:00:00 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		262 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.84.208 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-84-208.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

unused62
8096267
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
last-modified
Wed, 14 Jul 2021 08:22:46 GMT
server
Apache
etag
"1481c32-41771-5c7110f340cdf"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=41448
accept-ranges
bytes
content-length
82748
expires
Tue, 31 Jan 2023 02:16:33 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2836a92ed5effcbaf0543c232ba75c2f7f3de25e33d182461fc9192b709eadf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
791afe3fee2dbb59-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1016 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230130
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9bc1987f47b5008bc2ca258e9e9d3e58ad0e7e8fa7f90b4490619c8d06429c6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Jan 2023 14:45:45 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
38698
x-jsd-version
1.0.1602
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
882
x-served-by
cache-fra-eddf8230082-FRA
x-jsd-version-type
version
etag
W/"636-BxlK/YFDuO/myAW6wGceYSwMODM"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
512072
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OkjU9of8eqgJo4vPtPLLfcfIQ0KU5n7DsapXvS1Xc1%2BWgT38vAEFg2%2FXtrW%2FQtNXOeVMwkCLLSwgfJZbrq7oqfODCppncC2J7x0%2BCG%2BW51i9dgGtxuupJU%2BKsfbZxDv47bTz0CNho2EGyiC"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
791afe4009798ff5-FRA
arj
u.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=58967de8-fbec-4be9-bf86-39012ca0b072%2Cadc0b17d-1e7a-42fb-bd3b-1a93858fe8a5%2C8c123461-8d94-4c8b-a068-ae6a7ff3d49e%2Cfc5feabf-6809-4f8b-9602-562af81bab03%2Cba9d7816-9d6e-48e5-bb93-7d9ffe7e7cc4%2Ce72d1892-2726-4191-b6e2-94a74ead9a7c%2C0337f6d3-c67f-4cd8-8a2e-a9fe2111a8f0%2Cd4ed1a61-d6f3-4b57-9a87-9ca4d20a9b95%2C7d77d4fa-f31f-4968-b38a-8b7546058bd2&nocache=1675089945588&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%2C970x350%7C120x600%2C160x600%2C300x600%2C300x1050%7C120x600%2C160x600%2C300x600%2C300x1050%7C120x600%2C160x600%7C468x60%7C300x250%2C468x60%7C320x50%7C300x250%7C320x50&divids=adSlot-1%2CadSlot-2%2CadSlot-3%2CadSlot-4%2CadSlot-5%2CadSlot-6%2CadSlot-7%2CadSlot-8%2CadSlot-10&aucs=43010785%252Fzahav%252Fmain%252Ftop_desktop%2C43010785%252Fzahav%252Fmain%252Fskyscraper_desktop%2C43010785%252Fzahav%252Fmain%252Fskyscraper_desktop%2C43010785%252Fzahav%252Fmain%252Fskyscraper_desktop_menu_down%2C43010785%252Fzahav%252Fmain%252Fbaner_strip_desktop%2C43010785%252Fzahav%252Fmain%252Fvideo_box%2C43010785%252Fzahav%252Fmain%252Fbanner_main_strip%2C43010785%252Fzahav%252Fmain%252Fmiddle_rectangle_desktop%2C43010785%252Fzahav%252Fmain%252Fbanner_weather_strip&auid=544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8d727537eea622a4a1dfed50354434f00887a5292731d84b097219a3fd0b6d4a

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		400 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=58967de8-fbec-4be9-bf86-39012ca0b072&l_pb_bid_id=12ae924953438f7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Ftop_desktop&slots=1&rand=0.4707040018221613
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8009a3bdd13e4e550cb8d91c511b46501b91cb8f4457cfea8774f15df76ed27a

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
400
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8%2C10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=adc0b17d-1e7a-42fb-bd3b-1a93858fe8a5&l_pb_bid_id=1347fae790b203c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.6864678587838458
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c13b983fea35df1a66cd851c5095ec23a7734b630f1aa927e174bd792bb0e12a

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		409 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8%2C10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=8c123461-8d94-4c8b-a068-ae6a7ff3d49e&l_pb_bid_id=1443bb9955a6866&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.16536581395729
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
15b2471849f00bfa4a4db3c90bcd238e6060b945677ab82d2f581e21d238f3a9

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
409
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		413 B
448 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop_menu_down&tk_flint=pbjs_lite_v6.29.3&x_source.tid=fc5feabf-6809-4f8b-9602-562af81bab03&l_pb_bid_id=152bf2305f66995&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop_menu_down&slots=1&rand=0.1560251275517699
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b4d0549fbd9ed35f77441ca5611f3982ce773adb38e163ec6469d99575086d0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
413
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		385 B
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=1&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fbaner_strip_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=ba9d7816-9d6e-48e5-bb93-7d9ffe7e7cc4&l_pb_bid_id=16ad75dd8a78815&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fbaner_strip_desktop&slots=1&rand=0.966655371162386
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2b30b8af0e51c334fb2999b1dd5a29381a1cd6c98af6b056cc3052fe3af5bdac

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
385
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		395 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=15&alt_size_ids=1&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fvideo_box&tk_flint=pbjs_lite_v6.29.3&x_source.tid=e72d1892-2726-4191-b6e2-94a74ead9a7c&l_pb_bid_id=17b038366d7f31a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fvideo_box&slots=1&rand=0.9590006047046877
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0603c6ca80ecb7b77ba7110ff017476dd882545e075946f844a18384ffc83785

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
395
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		384 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=43&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fbanner_main_strip&tk_flint=pbjs_lite_v6.29.3&x_source.tid=0337f6d3-c67f-4cd8-8a2e-a9fe2111a8f0&l_pb_bid_id=184d3620a0f78b9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fbanner_main_strip&slots=1&rand=0.8273184081709484
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
71a6d415828cc228b6b7796a33f34df3bd00a4bc9f86da8d08480eefc79f808e

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
384
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		391 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fmiddle_rectangle_desktop&tk_flint=pbjs_lite_v6.29.3&x_source.tid=d4ed1a61-d6f3-4b57-9a87-9ca4d20a9b95&l_pb_bid_id=196b29a72c4f9ee&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fmiddle_rectangle_desktop&slots=1&rand=0.7383872993756582
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fb31f9629730ffe91684e265cbc76b4de6bceb9df35599c181e62b5e1b7697d6

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
391
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		387 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=43&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.ref=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fbanner_weather_strip&tk_flint=pbjs_lite_v6.29.3&x_source.tid=7d77d4fa-f31f-4968-b38a-8b7546058bd2&l_pb_bid_id=2073584caa8fb06&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fbanner_weather_strip&slots=1&rand=0.3257497836197105
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1dc85b6ce2f9d4238d8e6dcfe6a9c64eb7ca34aa84da83f530b8b1e9accc4083

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
387
expires
Wed, 17 Sep 1975 21:32:10 GMT
/
b1h-euc1.zemanta.com/api/bidder/prebid/bid/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h-euc1.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Connection
keep-alive
Access-Control-Allow-Origin
https://www.zahav.ru
Access-Control-Allow-Credentials
true
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
cdb
bidder.criteo.com/ 		18 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.29.3&cb=52419095128
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
hb-mm-multi
hb.minutemedia-prebid.com/ 		105 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.83.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-83-201.compute-1.amazonaws.com
Software
/
Resource Hash
b09f7259d863b5ca48eb4801cc697cc00daf1b283b66ece8a4d958fd05babd3e

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
x-reason
maxmind anonymous
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.zahav.ru
content-type
application/json
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length
105
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715827&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227163ed6d7edb3c6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%2C%22domain%22%3A%22zahav.ru%22%2C%22publisher%22%3A%7B%22domain%22%3A%22zahav.ru%22%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A20%2C%22msi%22%3A20%2C%22mfu%22%3A0%2C%22bu%22%3A9%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A9%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.3%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2272693f974c9699d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A350%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22970x350%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Ftop_desktop%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Ftop_desktop%22%7D%7D%2C%7B%22id%22%3A%2275252813f0d13e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%2278b364e45639456%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22160x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x1050%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fskyscraper_desktop%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fskyscraper_desktop%22%7D%7D%2C%7B%22id%22%3A%228135e4507b54e8f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22120x600%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fskyscraper_desktop_menu_down%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fskyscraper_desktop_menu_down%22%7D%7D%2C%7B%22id%22%3A%228376a5a4a2e906%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fbaner_strip_desktop%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fbaner_strip_desktop%22%7D%7D%2C%7B%22id%22%3A%22843fd0c6b68068e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22468x60%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fvideo_box%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fvideo_box%22%7D%7D%2C%7B%22id%22%3A%2286092fefb363807%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22320x50%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fbanner_main_strip%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fbanner_main_strip%22%7D%7D%2C%7B%22id%22%3A%2287a991149fe012a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fmiddle_rectangle_desktop%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fmiddle_rectangle_desktop%22%7D%7D%2C%7B%22id%22%3A%2288c46656c9b1fb2%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22320x50%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%2243010785%2Fzahav%2Fmain%2Fbanner_weather_strip%22%2C%22gpid%22%3A%2243010785%2Fzahav%2Fmain%2Fbanner_weather_strip%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
809fa0a31a087de8d1276e61e10854d5403382947f2149247d8f291c64856cef

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG%2BmgYIdlxsGOPHqs%2F5GZ7e6665xgLQhAKVbz82jodE%2BmtsPQkG%2FZxmOK%2BryaPaCFLW6hZVZkLHlVnR55h0yhYI7BUMMSQXac81gBtKX0oKEGrZiChFoIHqAtecN2zrUdLg7GLV9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
791afe40192591e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7cebc3ab0a883e1cffb03eb85709331910ab0c1c2cc147697fcfa3f737aa9327
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2961b806-4c14-45b2-bc66-a582ad1bd122
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1865094716149427&correlator=1646242460914918&eid=31071679%2C31071944%2C31071971%2C44777629%2C31071974&output=ldjh&gdfp_req=1&vrg=2023012501&ptt=17&impl=fifs&iu_parts=43010785%2Czahav%2Cmain%2Cprestitial_desktop%2Cstrip_KATAVA_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=1x1%2C480x175&ifi=1&adks=269758030%2C3897208859&sfv=1-0-40&ists=2&prev_scp=slot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dstrip_KATAVA_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1675089945626&lmt=1675089945&dlt=1675089943783&idt=328&adxs=-12245933%2C490&adys=-12245933%2C1862&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.zahav.ru%2F&frm=20&vis=1&psz=0x-1%7C480x0&msz=0x-1%7C480x0&fws=640%2C132&ohw=0%2C480&ga_vid=1296710250.1675089945&ga_sid=1675089946&ga_hid=1289731455&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47c51f0b16c28981677f008176c5ab754750a428bec79a14bf4cc095fca7cce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10684
x-xss-protection
0
google-lineitem-id
-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1085 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame EBD4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EBD4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EBD4 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4489605705208446&correlator=4046059414151702&eid=31071829%2C31071945%2C31071971%2C31071324%2C31071973&output=ldjh&gdfp_req=1&vrg=2023012501&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A115746)_(wf%3A23024)_(b%3A104991)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&adks=1326134502&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1675089945658&dlt=1675089945050&idt=318&adxs=985&adys=1738&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=c6duf193hi0k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1296710250.1675089945&ga_sid=1675089946&ga_hid=1761411004&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
554a88e98a96fc401b9c867ebcb2d66b847e8b5820795cdda0bb4475d7836f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10225
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EBD4 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b4bdf055f77c2d7baa0a194ff4b43bdb570fb9adcc06956c7bcbfc44ae70abe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11130
x-xss-protection
0
container.html
76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A0FA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 9AC0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9AC0 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9AC0 		718 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2175582266090224&correlator=1604065733824671&eid=31071662%2C31071974&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A114913)_(wf%3A21938)_(b%3A101157)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&adks=991922139&sfv=1-0-40&eri=5&sc=1&cookie_enabled=1&abxe=1&dt=1675089945693&dlt=1675089944947&idt=350&adxs=985&adys=1492&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=98y4sugc9jb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1296710250.1675089945&ga_sid=1675089946&ga_hid=1705464179&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
386
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9AC0 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2afbc5e6d400b5c4c98d68ded2ca58d662b9308ca46392d6e13e861db2073a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11240
x-xss-protection
0
container.html
ffc13fe933f5196d3afbf06344ee7d5c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C671 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ffc13fe933f5196d3afbf06344ee7d5c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adagio.js
script.4dex.io/ 		74 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:45 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
NJK804ZWZVM134Z4
Age
622572
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
p+iSeCv00CIsN5wlM0KaTX3c0Q6lHjTiyjVH9BbcCsBHNBxa1WJpqewiBhCGm0BrQwMNgCCtcFk=
Last-Modified
Tue, 22 Nov 2022 09:44:15 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Adh7%2BtRiASTvTEzsbwcIn2ENYg6MvYzcdcERF26tG6aScA8Ylrir5G42%2BVaDbGB4mmxMGW7CevrHCf0INxS6uYDQa9WNK1B80s6zi9X2P33GHE4fuGxHfG0wPskhxL6IZuet3QYobBba1qI%2F"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
CF-RAY
791afe411bc29213-FRA
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.85.96 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-85-96.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires
Wed, 01 Mar 2023 14:45:45 GMT
date
Mon, 30 Jan 2023 14:45:45 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1673369412.559449"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
access-control-request-headers
X-OB-STG,X-OB-PRD
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=3fb1c6197d6a78ac0b6ceda30e1b07d0_73087_1675089945633&tm=894&eT=0&widgetWidth=480&widgetHeight=304&widgetX=490&widgetY=1540&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=296&oo=true&lo=1131&odbreq=1691&odbres=2038&cet=4g&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:45 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
dadf4acb5e5cce663814db7b6e68362d
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
odb.outbrain.com/utils/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=3&rand=6475&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&t=MTUzNTkyNmI4MDU0YzZiMDVlOThmYWE1MGI1Y2ZiYjU=&adblck=false&abwl=false&px=490&py=3754&vpd=2554&cw=480&activeTab=true&ab=0&wl=0&settings=true&recs=true&version=2010113&sig=k1NsLSX2&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&chs=1&ogn=https%3A%2F%2Fwww.zahav.ru%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c1bae4e89b801a134fddbab245b509772697bbba5bdcc7b339ade2ae48d5760d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1675089946.762319,VS0,VE290
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga13622-LGA, cache-vie6331-VIE
x-traceid
b42c1977eaeebbee2fade3c25bdcda90
accept-ranges
bytes
content-length
11368
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6IjEwOTI1M2ZjYTAxNGJmODcxYzgzYzc5YjU4OTRjYjVkMDRlOTRjMWRlYTNkNWQwZmY5MjBiZjBiNzk1NjQ1YTMiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEwOTI1M2ZjYTAxNGJmODcxYzgzYzc5YjU4OTRjYjVkMDRlOTRjMWRlYTNkNWQwZmY5MjBiZjBiNzk1NjQ1YTMiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7581ffbb071b2fd9d4e8f2d0f827b2ac625eebc8ef4ec011ed40fb42fb1ac83d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
last-modified
Fri, 30 Dec 2022 06:43:42 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2189619
access-control-allow-credentials
false
x-traceid
ecef1c7ee3cf90a3f75b503bcbd81881
timing-allow-origin
*, *
content-length
3680
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EBD4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9AC0 		0
0
container.html
76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BED2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
tracking1.firstimpression.io/habit/ Frame EBD4 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
adview
securepubads.g.doubleclick.net/pagead/ Frame BED2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXqcKGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRBs3sHAeqDryDIEcV2lvkZZBF8CvqyBA9ONgkaS1gHNJNRhQdazZXgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzeACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzYyMjE1NjQwNTMxMzA2MxjW1RE&sigh=25LNsjxKpP4&uach_m=[UACH]&cid=CAQSSwDUE5ym6u3BGGRtkuSMIOGYMDReJUWlEs0D908Nwf-h4ZtOaQOONRMAm1d5bgHPEdnoirDpXU_Js_ZaqIgX63iFVmbIR0iSMMGoVhgBIBM
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame BED2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k-nfFJWYY6wC-gGdg2ICAgAAAIa3FT_jkk6PttfnSAk5jtsQGdjXY_x_y1sbAx4u_vkbABIAAAoOQVFVQkFnWUJBZ0VCQWc&wp=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
185037
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame CC30 		51 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Requested by
Host: 76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
URL: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
253dadb9be21a50c39c7b4478a0b219bdd8e1b1d0613c8a054063d2695a9d9e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=c7AJQESZAMkklcl4shtWGfJDMJb_GaRPTOCQ3WBEOR_zoOexbhDtYYFHZi7rqhcMJSW1yFIgYl5-U3hnobQmnN3Ofjwxwmsp20knO59va31YWwu6uZVbYL-AT8oVFbRfLfruQuqi636mdJ_e65uzUhetVb7na2CoMxbcNS0g9I1UdP2BgGSfNVbqvM87Pb88gf1uK6adM3s5e4QvMjE3WX0AVyHG_P-hR1_EQxDbM6oz-KyfJmigCTlfqMhtUyGOF-lBZw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4499729
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame BED2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
URL: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame BED2 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
URL: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14917
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BED2 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
URL: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 03:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
214123
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Jan 2024 03:17:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BED2 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
URL: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:45 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B6C5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:26:53 GMT
expires
Tue, 30 Jan 2024 14:26:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 17BE 		783 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d9738dde7487e1ec2fb51a694d37de9c4b96e0ce071c786c2954d80d86153bd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qUTWSi5drqcSVGKAfE5vbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qUTWSi5drqcSVGKAfE5vbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Mon, 30 Jan 2023 14:45:45 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame BED2 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb10d76aa53883f6ea71af1d4c7777ad3660843c53939e8c59a7cb1bc350bb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame B6C5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 17BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012501&jk=4489605705208446&rc=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
fiamp.js
ecdn.firstimpression.io/static/js/ Frame D727 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
486aba993e2ef444f041fd00b4a92a7793fbbcf1ef0c77fd4db43525ab82bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:15 GMT
content-encoding
gzip
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2310
etag
"1b9a6-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
36388
x-amz-cf-id
ozbskQonD5PWtcA12GJbo08WUJVCvVOt08L5GpEYWRA3eJCPxfp94A==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame BF6D 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
486aba993e2ef444f041fd00b4a92a7793fbbcf1ef0c77fd4db43525ab82bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:15 GMT
content-encoding
gzip
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2310
etag
"1b9a6-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
36388
x-amz-cf-id
2W-sSiWk3v0LOKBS7kXmQJ0l3VXVKmhuYRoTfyPkUigTyxkgBEhbMQ==
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E3BA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.zahav.ru
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 30 Jan 2023 14:45:46 GMT
server
Google Frontend
x-cloud-trace-context
299490b769df472fcc0021456273c3e9
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
x-request-id
e34add39-053a-46e5-87f2-95fb9b5654bf
x-vad-version
0.9.18

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
x-cloud-trace-context
5e54d1b2bcd775b9ba5cf468f9fe6ac1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16
x-request-id
undefined
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		553 KB
106 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1865094716149427&correlator=2815516772570807&eid=31071679%2C31071944%2C31071971%2C44777629%2C31071974&output=ldjh&gdfp_req=1&vrg=2023012501&ptt=17&impl=fifs&iu_parts=43010785%2Czahav%2Cmain%2Ctop_desktop%2Cskyscraper_desktop%2Cskyscraper_desktop_menu_down%2Cbaner_strip_desktop%2Cvideo_box%2Cbanner_main_strip%2Cmiddle_rectangle_desktop%2Cbanner_weather_strip&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10&prev_iu_szs=480x1%7C770x430%7C728x90%7C480x270%7C720x300%7C970x90%7C970x250%7C970x350%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%2C480x50%7C468x60%2C320x50%7C300x250%7C355x215%2C320x50%7C460x60%2C300x250%2C320x50%7C460x60&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0&ifi=3&adks=111351918%2C3986781459%2C3986781468%2C1647081971%2C4292339436%2C811035952%2C3937227143%2C1284453618%2C2515212461&sfv=1-0-40&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop_menu_down%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dbaner_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dvideo_box%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dbanner_main_strip%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dmiddle_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dbanner_weather_strip%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1&eri=1&sc=1&cookie=ID%3D08615cfad064c080%3AT%3D1675089945%3AS%3DALNI_MYNHxB9eHZVBxUfaiDBGAzvywnV3A&gpic=UID%3D00000bacf427177d%3AT%3D1675089945%3ART%3D1675089945%3AS%3DALNI_MayyUWYF9nxSVYzft6uscqGHX2_Jg&abxe=1&dt=1675089945995&lmt=1675089945&dlt=1675089943783&idt=328&adxs=315%2C1480%2C0%2C315%2C490%2C490%2C490%2C985%2C490&adys=15%2C0%2C0%2C752%2C485%2C750%2C1255%2C2604%2C2661&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C2%7C3%7C4&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.zahav.ru%2F&frm=20&vis=1&psz=970x0%7C0x-1%7C0x-1%7C160x0%7C480x0%7C480x0%7C480x0%7C300x0%7C480x0&msz=770x0%7C120x-1%7C120x-1%7C120x0%7C480x0%7C300x0%7C320x0%7C300x0%7C320x0&fws=132%2C644%2C644%2C132%2C132%2C132%2C132%2C132%2C132&ohw=970%2C0%2C0%2C160%2C480%2C480%2C480%2C300%2C480&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1296710250.1675089945&ga_sid=1675089946&ga_hid=1289731455&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0685005fa255d1100a5eef08f8e129f40f0565af7560d6f78d17e9640873000c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108233
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame BF6D 		288 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
db96082ab0c3ebb2a2ad65bf2ef851ae196a45930bfb1bf1f6a62e66fa6cb15e

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:14 GMT
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2312
etag
"480ea-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
fSX-ErDMMtEcsJ8zEaTsT2JEiFTWCadZlglQv3CYJ0q-EXRRYcdwmQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame BF6D 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
742f972bdb883ceffc538615da3dfb2c08d3902686b79f495e255b05d9200fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27569
x-xss-protection
0
server
sffe
etag
"1467 / 115 of 1000 / last-modified: 1675080581"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 14:45:46 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame D727 		288 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
db96082ab0c3ebb2a2ad65bf2ef851ae196a45930bfb1bf1f6a62e66fa6cb15e

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:14 GMT
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2312
etag
"480ea-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
IXoq7zAluAAAw9AFdR1d246tWSzbCZ8kqqWDWPPS-N51hRZcl0kcHA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame D727 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d5e2dee576c2bdaa579ac52418cf08775594360d88718cd68e38d353d226183
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27568
x-xss-protection
0
server
sffe
etag
"1467 / 691 of 1000 / last-modified: 1675080581"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 14:45:46 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CC30 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CC30 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CC30 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 25 Jan 2024 14:45:46 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CC30 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 25 Jan 2024 14:45:46 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame CC30 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=eBezHualgHjjvVj5AF3j6gChQcBrXE_nzd-q35Apl5t8yCB5U1-KwJRh_Yr_opJ45WVM1nNnaw1WhiraL0cywe03v3QUZRvx3cj5XR7WB8yo5JPudh9C_kgY5gg9KkrlD8RwOhiqEddbcbdoEqQ3GKen6hBedYJJNM2AOLjc9_ydHXLAxqvKMOizFrQZH6xXoz45AeHs6xY8ZAIZW7XQFXEzncUtrXRuVEw4COq9W6AEdCJwOiffLP_yS1ni6kpj3HXH_w1A3i_vlFVF2Pkchd3CERIyCf5qSBCMppOQVvdIOJ-0_ZbfHsgYdMDg1AYaCJh2S93m-FkZywN-aVjWj6NAwOwdcLGCLmwnFL8BHWZXmi9o7VIYJVdcOm_GFnRH9DNkkilaYWZuhygEuv8DQ5XTPln8-dXpviReNiTTI1P_9xFN
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3058345
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca5b568c67934d75b550a3b0b61ce6a6_image_ad_300x250.png
static.criteo.net/design/dt/70777/221011/ Frame CC30 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/70777/221011/ca5b568c67934d75b550a3b0b61ce6a6_image_ad_300x250.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
808c54effac2ddbaf08253dbee351267c8536141bf316fdfbcf875c7dd3768be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Oct 2022 14:18:37 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"63457b3d-829a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
33434
expires
Thu, 25 Jan 2024 14:45:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E3BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKxX5GdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSWAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7cg6tEZ9WWlQzzTr-mcYC5XiWOVGwtdBK31RaSZdLI67pas2Tb5qv4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=ZV6huWowdYE&uach_m=[UACH]&cid=CAQSSwDUE5ym5UUqEBCvvN9rTyZjQuK2Z22U5daeAVx8DnmKIbsj28iIehPK90idhQ5TDTFq2stUwhW71o0JkreDVk5sFXNcbuEvZXuyoBgBIBM
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame E3BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k6KGDbr5ROADrwGdg2ICAgAAAI9v_qchM8M6UwfGnGMh-yoQGdjXYyecmvChbNyM1NrpABIAAAoOQVFVREFnWUJBZ0VCQWc&wp=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
375537
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 0CA0 		165 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9c7877e1d384c0b999c561aa3346a5a367d4363be46abd66cb0ce90c01ac3a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ms1iTESZAMkklcl4H0-2GyV2ClhduWwlk4XlngGDgCQCwg-yUufgCsfM6hhsRquT5EZ64va-rnKNZbPgBupuVsj-FSg-R0598buvG3j6yaBsFnakpCf2zvARGj7TKzKSPTEAhNliwdpupueyfCgWEVdonLWPa4F6MoLIez7RNwZEiV2aWeR9iwK6KiHyh7JtPMOX3vlgX2-R1j492lrvjWki8Av2SpFKop9DP2GxXkEVGo1iB9PPhxnpO6kvXz_m6niUyQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
101936542
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame E3BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame E3BA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame E3BA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 03:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
214124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Jan 2024 03:17:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E3BA 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:46 GMT
all
csm.eu.criteo.net/ Frame CC30 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=c7AJQESZAMkklcl4shtWGfJDMJb_GaRPTOCQ3WBEOR_zoOexbhDtYYFHZi7rqhcMJSW1yFIgYl5-U3hnobQmnN3Ofjwxwmsp20knO59va31YWwu6uZVbYL-AT8oVFbRfLfruQuqi636mdJ_e65uzUhetVb7na2CoMxbcNS0g9I1UdP2BgGSfNVbqvM87Pb88gf1uK6adM3s5e4QvMjE3WX0AVyHG_P-hR1_EQxDbM6oz-KyfJmigCTlfqMhtUyGOF-lBZw&sds=2&rev=84429&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CC30 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CC30 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=424044421f3983fadd8b6e9f628fb49d_73087_1675089945984&tm=1280&eT=0&widgetWidth=480&widgetHeight=751&widgetX=490&widgetY=3922&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=379&oo=true&lo=1131&odbreq=2044&odbres=2423&cet=4g&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
d1c7685f956bb742a2bdc595b930a820
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
lg.php
cdn.firstimpression.io/delivery/ Frame D727 		1 B
443 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=105201%7C105202%7C105203%7C105204%7C105205&campaignid=9%7C11%7C16%7C18%7C34&zoneid=115823%7C115823%7C115823%7C115823%7C115823
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
Apache/2.4.38 (Debian)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
CGnDHWQISRGHd0lai_iY9v7nnjp3ZCbV_agFiA3DBJy0PnS81_nZkQ==
expires
0
v1
tracking1.firstimpression.io/habit/ Frame D727 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
arj
firstimpression-d.openx.net/w/1.0/ Frame D727 		73 B
147 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cb4965e3-c151-412f-b6d1-4e99f2788a28&nocache=1675089946153&schain=1.0%2C1!firstimpression.io%2C6962%2C1%2C%2C%2C&aus=160x600&divids=fiInstance_115823_0_796338056276903_unit&aucs=&auid=558438159&aumfs=100
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ff1f53bee8d59ccd36b10c8c813222a9dc0e5fbfcaee8f81ddaa9d2c19bd778b

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D727 		255 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=9&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a53&tk_flint=pbjs_lite_v6.23.0-FI&x_source.tid=cb4965e3-c151-412f-b6d1-4e99f2788a28&l_pb_bid_id=4f13a2d91c1c61&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.12644353185028367
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d93f6c62f338ed833987bb72c1c77fa7515552472a9b9f16b121bc1e4dbc200

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
255
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame D727 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Mon, 30 Jan 2023 14:45:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame D727 		144 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a3165e28bebaad123ec25ea95a94d83ba0e27ef4ab977e542781ea82c6b264c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:46 GMT
AN-X-Request-Uuid
84e5572b-85cb-4daf-a190-8a6f612d3883
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame BF6D 		1 B
444 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=105201%7C105202%7C105203%7C105204%7C105205&campaignid=9%7C11%7C16%7C18%7C34&zoneid=115823%7C115823%7C115823%7C115823%7C115823
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
Apache/2.4.38 (Debian)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
jMCdX2gpdWB2HbVzaEUgfIDEiUw7-9KWZeCwwRky91YtrV2nSfeXKQ==
expires
0
v1
tracking1.firstimpression.io/habit/ Frame BF6D 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
arj
firstimpression-d.openx.net/w/1.0/ Frame BF6D 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=645060b3-a6e1-4e71-a0f3-2780233fa489&nocache=1675089946160&schain=1.0%2C1!firstimpression.io%2C6962%2C1%2C%2C%2C&aus=160x600&divids=fiInstance_115823_1_796338056276903_unit&aucs=&auid=558438159&aumfs=100
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8a7d2e2139bbb99146d1a5a6cb9198195bc0f4d849fb8bf6ee92dd0412373a89

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame BF6D 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Mon, 30 Jan 2023 14:45:45 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BF6D 		255 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=9&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a53&tk_flint=pbjs_lite_v6.23.0-FI&x_source.tid=645060b3-a6e1-4e71-a0f3-2780233fa489&l_pb_bid_id=6c2b8679e5b7f6&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9560523435931156
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a1dc7e9d974a4c6a447337c0bd883625160b92cfd8311a955a9684f7514d0d2d

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
255
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame BF6D 		138 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
af8b66d1d780c6e94b5f71917064214c2f59fd4fe5e5be8a660f97128438735b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:46 GMT
AN-X-Request-Uuid
fb3bb557-17aa-4402-9cd6-3651105e9302
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
eyJpdSI6IjhmZDFhNGQ4NWU2OWYxNGQwNjJhOTJiMTY5MGZhMWJmYzExMGFiOThhZjBhYmZlNWUwMjFlMTc1ZjYxYzVmMzUiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhmZDFhNGQ4NWU2OWYxNGQwNjJhOTJiMTY5MGZhMWJmYzExMGFiOThhZjBhYmZlNWUwMjFlMTc1ZjYxYzVmMzUiLCJ3Ijo1MDAsImgiOjMyMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bf14f29e311e38bd5333f8cdbe27cca9dc5bc698cfd746b708e50a7450f95d88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
last-modified
Sat, 07 Jan 2023 22:15:51 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1506736
access-control-allow-credentials
false
x-traceid
5f4ff448a52f3371a73b8d41f6c26465
timing-allow-origin
*, *
content-length
30038
truncated
/ Frame E3BA 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1dab71b378f734f0261f1839fadf904241930143dc6d6b804ca1bf380fd1a218

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0CA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0CA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0CA0 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 25 Jan 2024 14:45:46 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0CA0 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 25 Jan 2024 14:45:46 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0CA0 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=vr9JdCtNqgy1rZOUCiQsTxNJ_wjW-pvA6l4myZ4PDHuvRIQsuzC-fdh1IUr2hYyRipEygHp-7F_EAgcRhNyjqe4hGJ9FxT8ZeK7KYyMIsqiFD4HXFh_dube7GXKyLMI11Jd2c-9v_fFOcv8CpzSH33TyfF7ZLTsLUqYDPHokNF1oVGaGzz5Hu3sUucbJjL_SPTMKqokVI8ZCf8uW2uDbmELBg2M8Ys6Y51glBgc9IKDD9OmNJJkX8zlB-08NpPYFh5ZIqOz83nzh65CyLuJDYj9lMka1k8mYyVUzW7s69NTv1iqkK4sIHPkFXsEeLfb3o4Ti60wPr2vDERikXGcGmhBRVkOPP6jGP2WLahTWqaLpmUEFK6xmQICYE5QXs0T3wbGNemYq3SubmZI04VpFtAmgLB4ig3tK694mYcXVnz7Bu9jC
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2431028
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl_2023012601.js
securepubads.g.doubleclick.net/gpt/ Frame BF6D 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:14:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133524
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 09:36:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 29 Jan 2024 10:14:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame BF6D 		235 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e55afb39855c447bf0795158c649933bd6bd19a472951e873f11c11c44e94a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:46 GMT
pubads_impl_2023012401.js
securepubads.g.doubleclick.net/gpt/ Frame D727 		385 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 11:53:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133217
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:35:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 26 Jan 2024 11:53:10 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame D727 		235 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e55afb39855c447bf0795158c649933bd6bd19a472951e873f11c11c44e94a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:46 GMT
generate_204
tpc.googlesyndication.com/ Frame B6C5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fjBenQ
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 0CA0 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
animejs.js
static.criteo.net/animejs/ Frame 0CA0 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=346&m=0&partner=41274&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F41274%2F181121%2Fee4e3a068c914c8888c2a3d4c9a20fdd_logo.png&v=3&w=196&s=2BJnAh-j71cHD0Nta_FIuNt2
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
8bbab11e31317bf825ef772b5c78330f695c9a6cf061e94d2a639ae5b2e5790a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31071163
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10019
expires
Thu, 25 Jan 2024 05:38:30 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F8859e9dc18c8ac7edf9c3e210bf06026.jpg&v=3&w=400&s=4so7fkfcJBW5flYWt6XlfWTo&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ee41c1f451d739ef9af98450c339fa1809cc6bc0493fba60e5db1f7ca25d579a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
32914
expires
Mon, 30 Jan 2023 14:45:46 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F75ff2e40b77a5deedb8fce6a9253100e.jpg&v=3&w=400&s=27WBcPSFH3izaqacu7HvUogA&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
05479038542845ad179d0ec3b647781a0711275ce243c6c9f7220429f6d8a8c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=6886
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10294
expires
Mon, 30 Jan 2023 16:40:33 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2Fca38202e92834c8b6978797746903ee9.jpg&v=3&w=400&s=-1zRIkjP4Fidw5Z85w_FY7D2&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
97a2cdab1baf6f1998a9205f38777631a7fae0e5bcc2afee40112549c6a1e637
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=36942
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12624
expires
Tue, 31 Jan 2023 01:01:28 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F57c09eb113f499847a7d0140449a6462.jpg&v=3&w=400&s=a__XUUN4VqR1E_V44ZVZ27XB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
da0b6d838568578267adb1ed368f7832905c45d4431e6cb28601db4161e280f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=17941
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19634
expires
Mon, 30 Jan 2023 19:44:47 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2Fcf5b94cc4244053eefd449c7fc59134d.jpg&v=3&w=400&s=kjbRU3vMvmS9_b9eDEaDMaQl&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3d7b5e2860d070b9cbad6ae9998843a9c172c4870eed3a6ae217cff33571faa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=25237
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8334
expires
Mon, 30 Jan 2023 21:46:23 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F3f11ae2ce47247ddb3a9034b5a473809.jpg&v=3&w=400&s=uGcs-xnTN9bwiJdztcsOmK3u&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
019b9c2efa78a4e16ee425e8a4026596165b5b8bffb8c05902a32aafb3ca3bed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=13037
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5920
expires
Mon, 30 Jan 2023 18:23:04 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F632b7a1a05e80edfb6bfe2f323c8304a.jpg&v=3&w=400&s=iTCd5P_TdV869pHSWXd0jpCQ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
236e80aed19c1817c47e0ae685b639d38ff9dd06e0c4238098e045ffcfcb66cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=11713
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8878
expires
Mon, 30 Jan 2023 18:01:00 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F0dabbd310642674ad31c2c78b46f5120.jpg&v=3&w=400&s=Z8tzGVvstj8NP8L0rE_S3FjF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
95044a79f9caa269e38e4f71eb0e3163c92a27dd9d75585dd969693c0e137815
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=17504
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6498
expires
Mon, 30 Jan 2023 19:37:31 GMT
img
pix.eu.criteo.net/img/ Frame 0CA0 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=41274&q=80&r=0&u=https%3A%2F%2Fcdn.witt.info%2Fimages%2F9ec42153efd7fdba65742275500c9c9f.jpg&v=3&w=400&s=i05mfcEwMCFbiYh-scf3VoO_&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
7a98b64008da9d9f9b2939d54dc7f8a9df69ad11b4a4286067f7f5dac201a014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=19551
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21128
expires
Mon, 30 Jan 2023 20:11:38 GMT
all
csm.eu.criteo.net/ Frame 0CA0 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=ms1iTESZAMkklcl4H0-2GyV2ClhduWwlk4XlngGDgCQCwg-yUufgCsfM6hhsRquT5EZ64va-rnKNZbPgBupuVsj-FSg-R0598buvG3j6yaBsFnakpCf2zvARGj7TKzKSPTEAhNliwdpupueyfCgWEVdonLWPa4F6MoLIez7RNwZEiV2aWeR9iwK6KiHyh7JtPMOX3vlgX2-R1j492lrvjWki8Av2SpFKop9DP2GxXkEVGo1iB9PPhxnpO6kvXz_m6niUyQ&sds=2&rev=84429&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0CA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0CA0 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQAKvk8H_ZFyAA2rw_4LesAxi0tsTSYaeQ&u=%7CY1d6DzpxH%2BuA%2BntpbnZwlzjEVxRgHmzjIumYAyduZVI%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrn0bJRZSWEljoMqTy8nHmy3nBR3pkar3jW9x1qp97j4VxsJ0frS2_wCeY7F2f7xNI7YNZyegK3S5_BR4F12gu8KLyi7-qJsKZnrVqsmfp9MHy6ynp2k3nz0kRezbdR3SFTC5EjL6GltFk5Ul9G579f2DysO-8HPnum6qk0Hwgk5agYlPt7cGCC7W43TrzOGWaZiuvmrXZxriVmfl87Lyl-ivu3RjCtIW0GaACF3wVyFP73nFeV7y7bh0nY6xDiUHgozOY1AKd3I9-_OsSaXV4rQvG78CbeJ1QzUFa9gY4Yf3H1j7Ufyp-1bBrURMzDWEyFj0Gcm1Z7wC6O8ryFk8TJgIq-e_xLy32AL61BG2QefJArafXtDyVs64_X0d-RCWMUWWth2VQ4bgZBYR8WVB_Bc402MXtMZi2ap4-vpA-efiihzA1s_lyvc3fdQSdJbdcBdRZhE17aF2G2yT0dnlGD-n_REsAjISpnn0aM3zV7LIIighUGSMZkiqgSto_MNC9s_zTDpBvSCjHl2tly0jQ8V5brreOoxL5E7wmgjwmroq_etBMp3Zw2p9a2ZzMrId6mO9_t2FV4yf8avPEXkQFKY6FCiVxmQDK6HifjGY0bLY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCdthAGdjXY8_8KvKi9u8Pw9e26AXJntKxXKX8k_dwwI23ARABIABglYKAgKwHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAght91njR7I-4AIAqAMBqgSZAk_QydTeST3Gsa_XIRaHMnQY29-hABkf82dG9AA7nuS18N3BLXC0skQCFD5knZJ1jzqHtprJvhtA-kT7bQhzw1O5oCaJY8xBOzaj6D2VdcpBsQd99R_gwHqPyJOCeHTUWZWWjrJws1UhrOJADNyCG-L8NqvwWL4v-aEtYFR2gMEg-rMVm-gRfaYmmw3ajEHsc3B32eZPIB2CXY9iYZ-ZEdDnR6nzTpvN-BFWyTqhKXVDcSQJE06NZHTfocYufpjVbSL020TjwzvrePdFM8vMFGSydvy8LdcluERzdOh2UxYiikiAzc7CRAMe4_pTq4R7ckyvMA3R1cggcqbqOhY_Q4CfLVsGv_5SXeCSdDG5nLDFckg564kQQkMU4AQBgAaAxMHNr5CO2GWgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_27z3_uR6mEh_sEnzYaSP6ruFeQmg%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
outbid
outbid.firstimpression.io/v1/ Frame BF6D 		169 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
373680bb06414e0199fba5eb7e116f43357f600447756bf79b782081f4d0ef84

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
169
x-amz-cf-id
WeG3SllPwjuXcoSQ-8M84H9-npjuEIgaJqGDCOBXYUxBuuJEJ_Lldw==
outbid
outbid.firstimpression.io/v1/ Frame D727 		169 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
373680bb06414e0199fba5eb7e116f43357f600447756bf79b782081f4d0ef84

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
169
x-amz-cf-id
eRDODMoYr0k4NcOXukg-BSG2rOmhL2k9p9OO7q2-tkHmvJGqWUcPNg==
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=26220d6ada63d0d37f8d5de53524825c_73087_1675089945851&tm=1560&eT=0&widgetWidth=300&widgetHeight=158&widgetX=985&widgetY=3114&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1131&odbreq=1417&odbres=1684&mvreq=1741&mvres=2683&re=2705&cet=4g&cs=4&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
12eb690d9d84265bb9ecd8b37f4334ff
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=bd0db7e96ab582bc58727837192e11f6_73087_1675089945967&tm=1563&eT=0&widgetWidth=300&widgetHeight=158&widgetX=985&widgetY=3280&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1131&odbreq=1417&odbres=1684&mvreq=1741&mvres=2683&re=2708&cet=4g&cs=4&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
49916de771b987c67f853e68e7e7b6d6
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=8d3c5841d52119f3c0da092d90cd31a5_73087_1675089946110&tm=1564&eT=0&widgetWidth=300&widgetHeight=158&widgetX=985&widgetY=3446&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&lo=1131&odbreq=1417&odbres=1684&mvreq=1741&mvres=2683&re=2709&cet=4g&cs=4&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:46 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
0347fe70dee3ea6cfe94552c33c63e49
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
get
mv.outbrain.com/Multivac/api/ 		106 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.zahav.ru%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2010113&apv=true&sig=k1NsLSX2&format=html&rand=82907&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=MTUzNTkyNmI4MDU0YzZiMDVlOThmYWE1MGI1Y2ZiYjU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=7&lastCardIdx=0&fAB=no_abtest&layeredTestInfo=12475-0-&dpr=1&cw=480&activeTab=true&ogn=https%3A%2F%2Fwww.zahav.ru%2F&chs=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2010113/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
842e5e70a2db1e50f594c2cbdd96cd61b2df3434f663d26b53fa1d168212781d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-cache-hits
0, 0
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, VIE, Europe1
x-timer
S1675089946.427988,VS0,VE1472
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-served-by
cache-lga21967-LGA, cache-vie6331-VIE
x-traceid
b610704220eeb17a7c459445479abcf4
accept-ranges
bytes
content-length
26328
expires
Thu, 01 Jan 1970 00:00:00 GMT
eyJpdSI6ImE4M2YyOTFjYzA0MWFlMTQ2NTU2Yjk5NjI0ZTQ4ZDQ1OWZlN2Y4ZjNjMjA2MGM5YTNiYTU3YWI4ODY5MzNiZDEiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImE4M2YyOTFjYzA0MWFlMTQ2NTU2Yjk5NjI0ZTQ4ZDQ1OWZlN2Y4ZjNjMjA2MGM5YTNiYTU3YWI4ODY5MzNiZDEiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e2a22b966a9515d2608d689594f6b4d7e56bfc122e49d2e919381a0eb1dc5f99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
last-modified
Mon, 16 Jan 2023 12:52:08 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1246058
access-control-allow-credentials
false
x-traceid
c2908672bf9560a505d6823d610a23d4
timing-allow-origin
*, *
content-length
5416
eyJpdSI6ImViNDhmMGIwZjQ2OGM5NGIwZWEyMTg5YTJhOGM0ZWMwNDAzMDYwMjM3MDIzZDIxMGQ5ZGFiNzU3NTZjMWVkMzgiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImViNDhmMGIwZjQ2OGM5NGIwZWEyMTg5YTJhOGM0ZWMwNDAzMDYwMjM3MDIzZDIxMGQ5ZGFiNzU3NTZjMWVkMzgiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b8c3ad787d595d4940358b19c549f27e2e7ee3e019533d939e337df098921a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
last-modified
Wed, 04 Jan 2023 13:52:21 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2174737
access-control-allow-credentials
false
x-traceid
dad8c881b84d2c093553a5adc65011ba
timing-allow-origin
*, *
content-length
12046
eyJpdSI6ImVkZDE1YzBiMzE0NWYwZTE1NmI5NzVjNWFjMDNkODJmYmY5YTFmY2Q4YjU3Y2QwMDQ2Yjk0MGMwZmZkMTI1NzkiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVkZDE1YzBiMzE0NWYwZTE1NmI5NzVjNWFjMDNkODJmYmY5YTFmY2Q4YjU3Y2QwMDQ2Yjk0MGMwZmZkMTI1NzkiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
148181625a43116572bbe0c90b49dc6bff53b41408a6211f56c4fc5e546beb53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
last-modified
Thu, 19 Jan 2023 09:05:18 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=1491626
access-control-allow-credentials
false
x-traceid
5d675e94fed089a2fcebfb38447175e9
timing-allow-origin
*, *
content-length
6366
eyJpdSI6IjQ4NDFmM2ZmZTQ4OWM0YmE3MjgzNDZhOWQyZjViODExMjg0MWQyOTNlZTk1Y2I4NzZmMWJkY2FjYjYxMjNkMzEiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ4NDFmM2ZmZTQ4OWM0YmE3MjgzNDZhOWQyZjViODExMjg0MWQyOTNlZTk1Y2I4NzZmMWJkY2FjYjYxMjNkMzEiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
46600025eb21fa52b84be1f006aeea4d75e9fcf97be91c5ea8b0a2b3c67a91a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
last-modified
Mon, 30 Jan 2023 12:28:45 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2462400
access-control-allow-credentials
false
x-traceid
41473ccbb3dd015b32379d91c9028e5f
timing-allow-origin
*, *
content-length
4252
eyJpdSI6IjE5NzY5MGE3NmFiZjY3YTIyYjhkM2Q3YzZiNGU0NTAzYWE3NWY4MjBiYmZlOGQ2NjI0NWMxODdiYTcxODU2NWUiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE5NzY5MGE3NmFiZjY3YTIyYjhkM2Q3YzZiNGU0NTAzYWE3NWY4MjBiYmZlOGQ2NjI0NWMxODdiYTcxODU2NWUiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef0905ba3d96be8249f9f94a39645e6f7376384fd3bac721c9e9fe22b954b9d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
last-modified
Sun, 08 Jan 2023 22:26:42 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=597056
access-control-allow-credentials
false
x-traceid
934e0630de2e106f93a4f385b58bbd0d
timing-allow-origin
*, *
content-length
5314
eyJpdSI6IjJlZTlkNjFiYmFhMDI4OTk2ZTI4YWQ5YWNkMjRmY2M3MTAxNTFkMzBmYjU2ZjE4MjhhZDcyYTlmZDA4MTEwYzEiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjaCI6MjE3NDc0MjkwLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJlZTlkNjFiYmFhMDI4OTk2ZTI4YWQ5YWNkMjRmY2M3MTAxNTFkMzBmYjU2ZjE4MjhhZDcyYTlmZDA4MTEwYzEiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjaCI6MjE3NDc0MjkwLCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.221.169 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-221-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b2bd7aec67a18a4df67f129a596f09782103ec1941bd49bc223ca153a1754de3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
last-modified
Wed, 18 Jan 2023 22:09:01 GMT
access-control-allow-methods
GET,POST
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2173442
access-control-allow-credentials
false
x-traceid
ac201aac52d2d441136945019d10d4d1
timing-allow-origin
*, *
content-length
3430
integrator.js
adservice.google.de/adsid/ Frame BF6D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BF6D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame BF6D 		93 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4384104399971354&correlator=2460511237994648&eid=31071678%2C31071830%2C31071944%2C31071972&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A115823)_(wf%3A23110)_(b%3A105205)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=1&adks=2141079529&sfv=1-0-40&prev_scp=fi_group%3DG0%26fi_group_keys%3D%255Bobject%2520Object%255D&eri=5&sc=1&cookie=ID%3D08615cfad064c080%3AT%3D1675089945%3AS%3DALNI_MYNHxB9eHZVBxUfaiDBGAzvywnV3A&gpic=UID%3D00000bacf427177d%3AT%3D1675089945%3ART%3D1675089945%3AS%3DALNI_MayyUWYF9nxSVYzft6uscqGHX2_Jg&abxe=1&dt=1675089946438&dlt=1675089945952&idt=381&adxs=315&adys=1402&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=1hbl2cdibtoq&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&frm=23&vis=1&psz=160x-1&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=1296710250.1675089945&ga_sid=1675089946&ga_hid=92849139&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4eda6bd1ddd10315c64f1184fa2c9bc7a909356c7857dbe1439a5557ce34bb63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15346
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BF6D 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6d98898f27fb52368eb2820eba5b3b36f8698a886b99b2e547d5c0a626868d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11231
x-xss-protection
0
container.html
a74e63c6efbe6f16f103d9d7d15d0b0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1C22 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a74e63c6efbe6f16f103d9d7d15d0b0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:46 GMT
expires
Tue, 30 Jan 2024 14:45:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame D727 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame D727 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame D727 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1013356184984728&correlator=3662544919503963&eid=31071363%2C31071499%2C31071868&output=ldjh&gdfp_req=1&vrg=2023012401&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A115823)_(wf%3A23110)_(b%3A105205)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=1&adks=3390250395&sfv=1-0-40&prev_scp=fi_group%3DG0%26fi_group_keys%3D%255Bobject%2520Object%255D&eri=5&sc=1&cookie=ID%3D08615cfad064c080%3AT%3D1675089945%3AS%3DALNI_MYNHxB9eHZVBxUfaiDBGAzvywnV3A&gpic=UID%3D00000bacf427177d%3AT%3D1675089945%3ART%3D1675089945%3AS%3DALNI_MayyUWYF9nxSVYzft6uscqGHX2_Jg&abxe=1&dt=1675089946459&dlt=1675089945943&idt=412&adxs=315&adys=752&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=k39823fcvtcl&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&frm=23&vis=1&psz=160x-1&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=1296710250.1675089945&ga_sid=1675089946&ga_hid=1721570399&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49b4da558c3ca84b5118392939c26d9ce5df6f3629e6e29cf63a1d06bf50aca8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10209
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame D727 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28b06d2958620fe14c87ade3a529cf56f1bdc6713ba012f70f9cb4274eaab368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11227
x-xss-protection
0
container.html
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F3B9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:46 GMT
expires
Tue, 30 Jan 2024 14:45:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BF6D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:46 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 0CA0 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D727 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:46 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E24 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:26:53 GMT
expires
Tue, 30 Jan 2024 14:26:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EF7E 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab17d9888da7fe191380187f35a1d5181e1fd2bed84f4f53de53f21ca094e20d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fiBr9l6-ow7VXZdk-89HKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-fiBr9l6-ow7VXZdk-89HKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:46 GMT
expires
Mon, 30 Jan 2023 14:45:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 9E24 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EF7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=4384104399971354&rc=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BB70 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1133
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:26:53 GMT
expires
Tue, 30 Jan 2024 14:26:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame DE2C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4aaf032c9174722aee7ef436331041bddbc1f550632060b00bfba2ae407651ee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AqSlsMPXVlkzwkMf126wOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-AqSlsMPXVlkzwkMf126wOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:46 GMT
expires
Mon, 30 Jan 2023 14:45:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BC95 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071868
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:46 GMT
expires
Tue, 30 Jan 2024 14:45:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame D727 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sree&pvsid=1013356184984728&vrg=2023012401&nw_id=15764254%5C%2C43010785&nslots=1&eid=31071363%2C31071499%2C31071868&pub_url=https%3A%2F%2Fwww.zahav.ru%2F&sid=1013356184984728&adk=3390250395&nf=false&rc=0&sret=10.100
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
tracking1.firstimpression.io/habit/ Frame D727 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
adview
securepubads.g.doubleclick.net/pagead/ Frame BC95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CycTPGtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS2Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXivSA2NFGEGRJDh37IPOSspKyzUfs5_saZUKeTk6uUsmkFvrwnsrgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM2MjIxNTY0MDUzMTMwNjMY1tUR&sigh=zcPfoJgIhiQ&uach_m=[UACH]&cid=CAQSOwDUE5ymqy7T8TlqxTXeIrIOFaefYb_hbLTT7GGVX4YHnmIYWUwA0WqH-o2J_Aw6m18zSm4uRj0IqG4FGAEgEw
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame BC95 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k6LpFJWYY6AB2ASdg2ICAgAAAIa3FT_jkk6PttfnSAk5jtsQGtjXY0Qz62MB7avWrRYXABIAAAoOQVFVQkJRWUJCUUVCQlE&wp=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
255303
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1403 		120 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Requested by
Host: b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
URL: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6186cfea35c31d72e10d231fd3c43c0f30f91f1248488723fb58399e8d5847e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:46 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=J7HIhESZAMkklcl47dXk02kTtzzelTD-8a7_DUiYJua3iV4EPAa0tMxyA73eD1xaH5o2jECSz7-hYIXgwpqDPzg1SKOwakV07q10vwZrGhEV557xOc6hzKM42_7C9eC6ATWNHEBfg4BjqPP5Eq-W5nq-qdsHVZbG1CI8W8Ld5NS1g2MXqaYo4hqj_0fWABZyE7Z-wyMa1nN3f3JuJnI--HaM1Mbcj-4O9J---AXzPrraDOyMpyCqE8j2gLFa3PZx680quQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
22437750
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame BC95 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
URL: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame BC95 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
URL: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame BC95 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTnJS30y1iPBhe4mvfTLxq8fIQGOHWySb9q_me98rrUbbWahX_zuLF31SzGKZSF64nAwygu
Requested by
Host: b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
URL: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame BC95 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
URL: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 03:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
214124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Jan 2024 03:17:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC95 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
URL: https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame DE2C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012401&jk=1013356184984728&rc=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame BB70 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
generate_204
tpc.googlesyndication.com/ Frame 9E24 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6-RP7A
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ Frame BC95 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a643d5f5dc66c01bd0503068c3d1ec5ef2ff01a318e2268470745d1e0b8b098

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1403 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1403 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1403 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 25 Jan 2024 14:45:46 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1403 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Thu, 25 Jan 2024 14:45:46 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1403 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=z_sYUcLhwAqFVIgZmp7WgowCGoQMKTezrYpYRPwEvZg9-Uv-Mxw3sEv4sLdhpTvj4Z9dn5cBuRjBB4Se8VNXSmG0mfEJm61FqgHaN-yLNcCSu6WAChL64dqw7aqgFVSBCfDi2_-ytW6FqKuiIqO6A8uWtFTVu4PNzR1-bKJN-KoLrmbwad9cI44y8mYgbWwCdWDB6hAcUsIkuva62qc6ebI_GkjC4QcI3lolRQBHsWklZ4O6E8YWcJFss88l9jZbZIppkOxi46Q8_mcP-pdR671upaU-IKjqa0tAnGOiq0uW9b9bMMDEOlFf6zc7bOxG-yM3HN7OM87Xh8QfSYv6X5ABT2byPxHFh4FOKpDuv7TWY5p0YEEiMUuUDix1gOKEf2GW_xEpzAQtJHa6_xhvwrNALM0Lot0IDQwnoi_T2ujMc-9e
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3333860
expires
Mon, 26 Jul 1997 05:00:00 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 1403 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
animejs.js
static.criteo.net/animejs/ Frame 1403 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
img
pix.eu.criteo.net/img/ Frame 1403 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=260&m=0&partner=25852&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F25852%2F221220%2F3589824d46464af7aecd1cd45ce24f57_wkdade_1200_x_190.jpg&v=3&w=268&s=ykWZe7r-nkHAE6UF-8Yd39P9
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
a62ebf7d18ed2972a10bf34a67dae30568e60b0139642ce3876cd6ef1492580d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30207300
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2350
expires
Mon, 15 Jan 2024 05:40:46 GMT
img
pix.eu.criteo.net/img/ Frame 1403 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=25852&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F25852%2F221220%2F39657aaeec634bc1b82c7f35be801b88_de_mosaic_no_cta_no_cta-2.jpg&v=3&s=lDrwGpHwqGfu--2FOdaL_EvP
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4212ad6c13757fe8fd652f24cdd44743a7e960fc77b15d5f051b75cdd6fd127d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30235711
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
52676
expires
Mon, 15 Jan 2024 13:34:17 GMT
all
csm.eu.criteo.net/ Frame 1403 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=J7HIhESZAMkklcl47dXk02kTtzzelTD-8a7_DUiYJua3iV4EPAa0tMxyA73eD1xaH5o2jECSz7-hYIXgwpqDPzg1SKOwakV07q10vwZrGhEV557xOc6hzKM42_7C9eC6ATWNHEBfg4BjqPP5Eq-W5nq-qdsHVZbG1CI8W8Ld5NS1g2MXqaYo4hqj_0fWABZyE7Z-wyMa1nN3f3JuJnI--HaM1Mbcj-4O9J---AXzPrraDOyMpyCqE8j2gLFa3PZx680quQ&sds=2&rev=84429&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:46 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1403 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1403 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301112346000/ Frame 1DD6 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b506520a9a42179a54e4f0c7a3857a37634ea5827ceb362ab79e89969067138b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 11:08:56 GMT
age
272210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61771
x-xss-protection
0
server
sffe
etag
"004684fcaffa7679"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 11:08:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame 1DD6 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa962698add9de75106dc5ced0bb9ec5099cd40f69acc2972648cee49296271b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 26 Jan 2023 22:49:44 GMT
age
316562
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"cee5c64b71634b65"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 26 Jan 2024 22:49:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame 1DD6 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c12c92bdd8ea974a45dfc34ed9b0e830c9ad357e49e5bb542043efb3cd7a93
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 13:02:43 GMT
age
265383
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28839
x-xss-protection
0
server
sffe
etag
"22d781f17bba60c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 13:02:43 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame 1DD6 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c96e53d0c54ccf0ff0f7c4484c1187a869ee8554f730233e792ee5b13f5c7e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 11:09:04 GMT
age
272202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16692
x-xss-protection
0
server
sffe
etag
"af568f7dd65b8cf2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 11:09:04 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame 1DD6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd65d87aadfcaecbae93f6bc1268b9ce00d65fc6cf1e0c84a4d115a27d4bc3ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 26 Jan 2023 20:21:25 GMT
age
325461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1907
x-xss-protection
0
server
sffe
etag
"5788572ff662ddbc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 26 Jan 2024 20:21:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame 1DD6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
520f191e28d82a3d011d351dbcf9b4fbc0594c805ce77a8bde3167ba0e506426
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 04:23:02 GMT
age
296564
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12955
x-xss-protection
0
server
sffe
etag
"ba03cd6134fdf15c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 04:23:02 GMT
truncated
/ Frame 1DD6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ec1f972b9ef2ae55c71ae58ce6f237b6147e0a02b0bf15e3a2ff7d3493348d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
bg.jpg
tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/ Frame 1DD6 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/bg.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6251f4cdeea85f4e17568e044ef880406464e036a27eefc6968548d1fa6dec0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 14:53:31 GMT
x-content-type-options
nosniff
age
258735
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40074
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Jan 2024 14:53:31 GMT
txt_1.png
tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/ Frame 1DD6 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/txt_1.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9cb428def2a2029a7e3f16a1a537ba3106032a92eeb28b0198326c80b2e4630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 12:54:15 GMT
x-content-type-options
nosniff
age
352291
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5203
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 26 Jan 2024 12:54:15 GMT
txt_2.png
tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/ Frame 1DD6 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/txt_2.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5266d3c7c073798021ba297b3644a1da5012b9d18fad71372191977279e74339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 22:02:16 GMT
x-content-type-options
nosniff
age
319410
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5101
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 26 Jan 2024 22:02:16 GMT
cta.png
tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/ Frame 1DD6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/cta.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
512d6e9833ddbdc3571f3ca863a605075cf389d305cfc63f215de755c1cc1854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 02:34:56 GMT
x-content-type-options
nosniff
age
303050
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2367
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Jan 2024 02:34:56 GMT
frame.png
tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/ Frame 1DD6 		603 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/frame.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11ad992bb4911306422bdd369818ea5d9bd38790c77dd1220dbee33c79565778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 15:17:08 GMT
x-content-type-options
nosniff
age
257318
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
603
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Jan 2024 15:17:08 GMT
pillow.png
tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/ Frame 1DD6 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/pillow.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03aeb73ebfd0385df968e824e81656ea88edfc875ad410793e6139461fa40262
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 15:31:09 GMT
x-content-type-options
nosniff
age
342877
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58589
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 26 Jan 2024 15:31:09 GMT
logo.png
tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/ Frame 1DD6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2207780554988137621/160x600/logo.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93d3ad417f90dc2679f721a0105974469055e6110c6da0a316a52ae9b8e4731e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 04:24:39 GMT
x-content-type-options
nosniff
age
210067
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2957
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:20:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Jan 2024 04:24:39 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1DD6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 01:16:29 GMT
x-content-type-options
nosniff
server
cafe
age
48557
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Tue, 31 Jan 2023 01:16:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1DD6 		344 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 11:46:04 GMT
x-content-type-options
nosniff
server
cafe
age
10782
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 31 Jan 2023 11:46:04 GMT
l
www.google.com/ads/measurement/ Frame 1DD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTn6Fd0F60SnBvuiXpIOUCs8OHVRod2lIZJQiFMGbElWpHSHd_MOPUux6D61i7aEc0HKya9
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 1DD6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHwIMGtjXY_64Hqqx9u8P1ZypoAWzopjRbuf13JmCEYfLvfzHARABIM7D9BxglYKAgKwHoAHb5sW5A8gBCakCCG33WeNHsj7gAgCoAwHIAwiqBJMCT9BlCIys24Cr3NXK5U0Ci0iYYY_Umfw60BYGAMKWK_kwzUw2Uwi_AWww_G942g3RcsvQoZ0VTbXilboawl3HBDL7z16ycv8jF8cO9-UdX_ST5UWWqJUx-S8i2a-OmTln2mNaIQmAik3ZkvUNXScMlLBGezJJdLrmyNgVKP-lXMt3znQxdKCVEIaBteNBTURMXUQ8X9hsClwAqyi7js6YcflHiGudS9UTsGdNeKye0eQ8QrAvBXTDYQNqEFVfl8WZC0-qSQnCeKuXk8fs1lkoNA6a6pSLj_r7yBauZLlHafakD99nAsjti0KrxnXwGm4cj7EWS95VtwPGC2Idz360WVwTiy9ikrx2kAHapEX1Cy1fpQDABP3U282XBOAEAZIFBAgEGAGSBQQIBRgEoAYugAeNmbpGqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgIAF0ggRCIDhgHAQARgdMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzeACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItMzYyMjE1NjQwNTMxMzA2MxjW1RE&sigh=katXDZQQEoA&uach_m=[UACH]&cid=CAQSOwDUE5ymhfYdxZc3nt5LAKp6TP0y2iN5jS9_i95gZq_0pvTXvwIh-C403GyjVE6uDThMqLE3wjbZhXu6GAEgEw&template_id=419
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
v1
tracking1.firstimpression.io/habit/ Frame BF6D 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 1403 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 25 Jan 2024 14:45:46 GMT
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 60B4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame EBD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012501&jk=4489605705208446&bg=!KCulK2_NAAZSrDxfcqw7ACkAdvg8WplPDggp2INe1DKPuY8qpn2T9xi0owjXfJ9e_iqD0jXp64qnTQIAAAE-UgAAAAJoAQeZArbI28yOiM5YGjViB1Xqzb0zefdta2OX53CG9rjLSo1dSKNnVYAVQAv9scCP9VrhTjus3F8jKaVQcowYPuvzMw8cDy73FRqthuFr4W6pJDeFJ8zZa197LiU2lY3VMXl6h33hX4gRSAisc9T1BPzzXMa5wi1RkNX7O8MVmCjRzPKFmhifQvRo0CAoYuDfODJS0jyw_odqqLuAFO5JUyUq0OEgM8bSDipaTPPl_r6MxwPEI_kpm7ZUM8qSb69SxesMujuTmfNlOycg16RjSCfnonmo0jcYHXSTXpFdKmaQMb2Xq1YIXiA0nJGhZLYhANMg-_Z4ZtaLWJ_1ZNqV7xhYNjK0FKZf_Wz2zYoZrJvXA3DU4Cs0XjETQClKpzRot1z6_cR3iCKARGv1kqq0JF1S4vfZr3gkwYc90aZuJIKqT67V8hkW4pSNAj_-V9mSQ9WDGIu62Dlz9Ml5mq8NhMXQAZsGOzbrLzUOcPgIK-N0nd2mipuW4t_6qf8xmlh4ZwH9dOaeSvGpvczYVixtL4Ljcw2rx2qb8xcvL5GowOQt1stn4KbZ0RNgsDp50tWnYIfmJ9HJtYCR6zwcYHb4bbovUFKRvyF1yUS_G8IEIWG6XPjnFODqTmULlL4fhh_Mz8MgY-H9gCHYANHvnk-46mFAPw9-gukVDiCnJjcfLatQt9bnciS-gcbgFlS8IWVJu_a_dYWU2YbsHmgGDW-NCltA17OgX8EMBZa8onouCwEDrtv2N7zssodDo7Xd7eaQxxzTmfua43ALtg_zvi0-_tu8kQCiVZqD73PLer8pAJ2EsAs0SuLSM2rONylvyYeyWWHh_gxnp0-FTinhNocE6KvnvzjN7luOul9ehUNvRHnllhgKKqcwwp5m0M7wOHd813auCm3oLttYBBiidakmofqfC0vn3Zcc9ZPC
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BB70 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SFBnfw
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A599 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 01B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8F9D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012301112346000/ Frame CFE1 		221 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b506520a9a42179a54e4f0c7a3857a37634ea5827ceb362ab79e89969067138b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 11:08:56 GMT
age
272211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61771
x-xss-protection
0
server
sffe
etag
"004684fcaffa7679"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 11:08:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame CFE1 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa962698add9de75106dc5ced0bb9ec5099cd40f69acc2972648cee49296271b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 26 Jan 2023 22:49:44 GMT
age
316563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5217
x-xss-protection
0
server
sffe
etag
"cee5c64b71634b65"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 26 Jan 2024 22:49:44 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame CFE1 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c12c92bdd8ea974a45dfc34ed9b0e830c9ad357e49e5bb542043efb3cd7a93
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 13:02:43 GMT
age
265384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28839
x-xss-protection
0
server
sffe
etag
"22d781f17bba60c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 13:02:43 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame CFE1 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c96e53d0c54ccf0ff0f7c4484c1187a869ee8554f730233e792ee5b13f5c7e6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 11:09:04 GMT
age
272203
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16692
x-xss-protection
0
server
sffe
etag
"af568f7dd65b8cf2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 11:09:04 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame CFE1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd65d87aadfcaecbae93f6bc1268b9ce00d65fc6cf1e0c84a4d115a27d4bc3ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 26 Jan 2023 20:21:25 GMT
age
325462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1907
x-xss-protection
0
server
sffe
etag
"5788572ff662ddbc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 26 Jan 2024 20:21:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012301112346000/v0/ Frame CFE1 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
520f191e28d82a3d011d351dbcf9b4fbc0594c805ce77a8bde3167ba0e506426
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 27 Jan 2023 04:23:02 GMT
age
296565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12955
x-xss-protection
0
server
sffe
etag
"ba03cd6134fdf15c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 27 Jan 2024 04:23:02 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CFE1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 01:16:29 GMT
x-content-type-options
nosniff
server
cafe
age
48558
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Tue, 31 Jan 2023 01:16:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame CFE1 		344 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 11:46:04 GMT
x-content-type-options
nosniff
server
cafe
age
10783
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 31 Jan 2023 11:46:04 GMT
truncated
/ Frame CFE1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1883deffe88aa926871d758c6db53bb165b24bbee16c89165884ce1cfdf770b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
bg.jpg
tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/ Frame CFE1 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/bg.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67e782916b4c7061c71e771135dd75e3422484b1a8d195fc0c3786b0778958b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:28:51 GMT
x-content-type-options
nosniff
age
224216
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27953
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:12:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Jan 2024 00:28:51 GMT
txt_1.png
tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/ Frame CFE1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/txt_1.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c3bbd73bc14adbc3116d6cc5e8cad748a09b59b8f9ed63b1a0b23752481ac0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 06:18:26 GMT
x-content-type-options
nosniff
age
289641
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2851
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:12:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Jan 2024 06:18:26 GMT
txt_2.png
tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/ Frame CFE1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/txt_2.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b64296cb2f2552a593f17ed08ab02fafbdef8779a3439370e4d4b456ada2588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 07:49:54 GMT
x-content-type-options
nosniff
age
284153
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3069
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:12:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Jan 2024 07:49:54 GMT
cta.png
tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/ Frame CFE1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/cta.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0308afce7524c4873c802bc02670e79285b1511a511b39881f9a4b4ad5282bce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 07:49:54 GMT
x-content-type-options
nosniff
age
284153
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1540
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:12:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Jan 2024 07:49:54 GMT
frame.png
tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/ Frame CFE1 		511 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/frame.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16a8dd508ca8311d05a8a78442eede27aafe0db4cdb759775a8b36624d51d4c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:28:51 GMT
x-content-type-options
nosniff
age
224216
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
511
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:12:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Jan 2024 00:28:51 GMT
pillow.png
tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/ Frame CFE1 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/pillow.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad5bce81855b7b84b352b67b24a7ed2172d81418b253ada28f7b992851086f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 15:07:19 GMT
x-content-type-options
nosniff
age
257908
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14964
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:12:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 27 Jan 2024 15:07:19 GMT
logo.png
tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/ Frame CFE1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/5459431334379423281/468x60/logo.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c50644f107f7f9b074cb32c5ac45fa799d564df4954ce8a91641cf56cdec5b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:28:51 GMT
x-content-type-options
nosniff
age
224216
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1626
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:12:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Jan 2024 00:28:51 GMT
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C826 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 10B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A135 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E9F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:45 GMT
expires
Tue, 30 Jan 2024 14:45:45 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
l
www.google.com/ads/measurement/ Frame CFE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwkZZai2ZQ7Iwck-cqBu_5TMFkxjI5dPCRaVO2JlFctB5mqUOH44hpNMetYzsRpfyWS5L9WRRXhR_8o9F4mS2C2dU-Lg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame CFE1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmpsRGtjXY--xBr6U7_UP7Jqe-ASzopjRbp_53JmCEdqLgrfGARABINGTwypglYKAgKwHoAHb5sW5A8gBCakCCG33WeNHsj7gAgCoAwHIAwiqBI4CT9DGK-81YExwX5OipgCYv_NgioTo7QWyX5mNAcVVsBynUy5ewhdWnLQ6YRG5ARXoDGNxb5-ZWQOd_Y7PtU-iQ-gCY9V1kHkeHBbaPt3OEPAPg6n_KMsQo2wEre-ArmlwlHUaBO-hlHvKDLKH_caIv9bK5yWEuRFWB-JBUy-8ibiF2VvYzgaxs7lMQFes-N_IkYACgDpUQnpLrFXLKHWD2JYuIwJW4rurnPlRmGnfzOqBwmeakJqStOMcxgwgp4uuMo6LgfaLbaQ7gKWyk4_cS07TQm76_wU4Jzo20TWCAH0h6erLyK0JT1EIRjKGrI4wn_ZF55ENTVcBwXA1OsAX9gr9CYLytQ3B7BMspelqwAT91NvNlwTgBAGSBQQIBBgBkgUECAUYBKAGLoAHjZm6RqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPCDBdIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMN0BUBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=gA2AyLcr-BE&uach_m=[UACH]&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&template_id=419
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
8229fa5a5c3ebd24f3e2eb95db7eba72.js
www.gstatic.com/mysidia/ Frame 60B4 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4209
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 03:52:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 01:48:43 GMT
9f1a5ca513cd67f408268f629c2a8fce.js
www.gstatic.com/mysidia/ Frame 60B4 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51170a4b170834d9061b8c85adb281b534d13763f76cc4f329e3e39a63277447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 23:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7963
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 23:44:54 GMT
css
fonts.googleapis.com/ Frame 60B4 		3 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 13:57:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 30 Jan 2023 14:45:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 60B4 		2 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
75901
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 17:40:46 GMT
2c96be29c806e6a30d72c34b34031cd2.js
www.gstatic.com/mysidia/ Frame 60B4 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2003
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 03:52:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 01:17:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 60B4 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:40:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
75902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8871
x-xss-protection
0
server
cafe
etag
9510037503091481574
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 17:40:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 60B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 60B4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60B4 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame 60B4 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 05:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 05:31:43 GMT
ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1DD6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 01:16:29 GMT
x-content-type-options
nosniff
server
cafe
age
48558
etag
6726277462267614359
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3041
x-xss-protection
0
expires
Tue, 31 Jan 2023 01:16:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1DD6 		344 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 11:46:04 GMT
x-content-type-options
nosniff
server
cafe
age
10783
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 31 Jan 2023 11:46:04 GMT
8229fa5a5c3ebd24f3e2eb95db7eba72.js
www.gstatic.com/mysidia/ Frame A599 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4209
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 03:52:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 01:48:43 GMT
9f1a5ca513cd67f408268f629c2a8fce.js
www.gstatic.com/mysidia/ Frame A599 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51170a4b170834d9061b8c85adb281b534d13763f76cc4f329e3e39a63277447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 23:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7963
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 23:44:54 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame A599 		2 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
75901
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 17:40:46 GMT
2c96be29c806e6a30d72c34b34031cd2.js
www.gstatic.com/mysidia/ Frame A599 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2003
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 03:52:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 01:17:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame A599 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:40:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
75902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8871
x-xss-protection
0
server
cafe
etag
9510037503091481574
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 17:40:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame A599 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame A599 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame A599 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRkky91yjc7LdMTbI4t8rtYrmQ0CJ3yzlDk9TZpf94HDb0UJsSVl51m5drWKbaat940Eh5waHf3BP7SDujEcECl0RCmA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A599 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame A599 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 05:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 05:31:43 GMT
8229fa5a5c3ebd24f3e2eb95db7eba72.js
www.gstatic.com/mysidia/ Frame 01B6 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 01:48:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4209
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 03:52:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 01:48:43 GMT
9f1a5ca513cd67f408268f629c2a8fce.js
www.gstatic.com/mysidia/ Frame 01B6 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51170a4b170834d9061b8c85adb281b534d13763f76cc4f329e3e39a63277447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 23:44:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226853
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7963
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 27 Apr 2023 23:44:54 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 01B6 		2 KB
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
75901
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 17:40:46 GMT
2c96be29c806e6a30d72c34b34031cd2.js
www.gstatic.com/mysidia/ Frame 01B6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:17:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
221321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2003
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 03:52:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 01:17:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 01B6 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:40:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
75902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8871
x-xss-protection
0
server
cafe
etag
9510037503091481574
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 17:40:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 01B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 01B6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame 01B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSj5s0rc8dMb2Rubn24UV94_2Su9uL3KhER3hOwgah7P-fnci6HhEMQCRN9ba-HGZ0-hUihCuMAjdlypYTyPZKeMUlOew
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01B6 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
8aec859a266e19fb42fee7f82edeac28.js
www.gstatic.com/mysidia/ Frame 01B6 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 05:31:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14079
x-xss-protection
0
last-modified
Fri, 27 Jan 2023 00:31:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 28 Apr 2023 05:31:43 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 03B5 		624 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYs9GbvQEwAQ&v=APEucNWWy9UzhxD80u5IBjFdXqD5iFZkobFvwSPHNx_DR9Q6TpHvxeihdsECZeXbYB1KK5Z5H6yeJJ4rmJ0ni6FJ3Sy37rUlDWVzoPAxe8RBACL7RU1XvwMy6rpdB7ABDYxPJjzuAbVF1BHIRmdJIujDSSVNMrvtnMRT8vs-K2Gsp8DYRsgh8As
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:47 GMT
expires
Mon, 30 Jan 2023 14:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 8F9D 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 30 Jan 2023 14:45:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F9D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DLGBE77a716KeppAPzJI0SaRZbxvW5C2pqSk6qflg50iwqUv84ivQzE20oTrvMzxH_6QWgj5MM67rei4fU68RDEiiqzf3trwbehdv_ZlMA17Pqrj4
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F9D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11858779131684207743&x=1&ct=76
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 8F9D 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=18636685641&pubId=1&placementId=396814515&adsafe_par&bundleId=&dealId=&bidurl=https://www.zahav.ru/
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.7.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-7-182.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eddbba8861fca894b4f1173cad21d8411f9b93aa7aecf541ad883d09684b34f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 8F9D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 8F9D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame 8F9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaShGPNhtHiino5Um28DFlq12FF1QsJmXBzQgNXQuw3L1LU7dmgUHYEmetzhZBcUpt7d7jkUgwgFOqmpYatQnoVKXoH7dw
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F9D 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 794D 		624 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWQHZ-A40lGXwB6RuaGn2hApdh82tHAmx5Gjt6xdhvupuDOF9jhA98gr8P1One7sKiFoA1y-T8dQQy3iS7CkORccZNOjXLZdrLo49mcUBpimAIXiKdkOJS3CEK8RuiHscm-wH_XTYNuDlg0rDlRNFder3ltJT1c999hAcujVMp7c6EJREY
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:47 GMT
expires
Mon, 30 Jan 2023 14:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C826 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 30 Jan 2023 14:45:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C826 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4ZlrHhzxuMXU1lTFssEseZwDoZpFh8EFmuRCYPhIDaGwWt5fDO32wuR3M5-Vt562lXtXDyhectbxbl42W9XB2SVgu62FDxbWSxd16F55wGNhXBA0
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C826 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7245488825463464861&x=1&ct=76
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame C826 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame C826 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame C826 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3SVcw9b7mYCUCK6dVkTdzQac5VE9SpgkZHUt2oIw2GZWVORzDNRG13Mrw7m5V3tMxZ6icpTGhhZIudhsHEkgCoQfJbg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C826 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FA4F 		624 B
689 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW3CF5K4sC8sEpO2MEO_hw9O3-YL3V2-w511KA-7Whva84rD_3TQy4pYkZCWvlFUa_aVIpsR9cPsj2Ce6y7fHLmTOOgMOWzM5OYmfqpx8asqmV4Z6kiwy7290tRWkstzqF_x9dQjWvV_ZHKFo6z8LrCFlp5Ts1cG7m6I62jSMUaUz8dwQI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:47 GMT
expires
Mon, 30 Jan 2023 14:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 10B6 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 30 Jan 2023 14:45:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DRcOGlcIXwgzJPVr4kQlR0V_H8IGTzM7CFazSijd58RkvtDTIkxLbaSUQamPq8uHQQH9jLQOzjfJ-L5gBbaqOieq8c6Dxp3IdT-mlb6-ZxPFQOaDA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14190400931800053251&x=1&ct=76
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 10B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame 10B6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame 10B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSsknSzv20Yj6GqLfoLB615tX0xdw_U14GcgspprkksWQ85086WoRcW1GqEYAgJMz0dCgnmH4nMdE8l0Z3zF-i2jqBwnw
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10B6 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EDC7 		624 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXRpsVTVpcfmhRCX_79d_Py6-w16-2zmkqRIhQJuE4ypmNBTucM8IPZinIRpT0-CC8QuXJpg_o_IGQpNir2o2kDeSEG9dC2aASqzQDRL1VW0pad-Epim19ie_S5fyDDTkN8qT-y3dNl6aIiRhOphAuRSOf9FlwiuUFsO2UJ3xarF_0W6_0
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:47 GMT
expires
Mon, 30 Jan 2023 14:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A135 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 30 Jan 2023 14:45:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A135 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrQjcU_EZ7ueImo3L7i0YBUCeg5v5weyrVYUkQzSAdNPAWVNLh1ChRRBAKkWK4j-YcW05klNM1JDGgnwYs08T2WLB9nt2xuQ3_aIGZcmZKErgkwtQ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A135 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=770689035717638443&x=1&ct=76
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame A135 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame A135 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame A135 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqKFM9wXU-4Qc7qQjIe66rdIPU3W5a1YI96kLZxpX-78rrV9TYUlWBc82uEX832jT9YRDDsJTTkN0KTFiiM5FGMEuBcg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A135 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BFE1 		624 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXHi3bgjEtu-PukyInZwuiI_t8wJKIovT8aKpmRSZHPUHtS8lthntq5oLo1R_ysfwA0C1-VOs4kuvemMwBMQNFUjd_ApHPE0zhVYsmAw_2aLDI1wVJFZEO4SfldzEhk7XPn9ebChXxZ8QXyF1HzWs_PgqBGALSY-czFQNH1_c3wFiknCvA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:47 GMT
expires
Mon, 30 Jan 2023 14:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E9F4 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27384
x-xss-protection
0
server
cafe
etag
10506132538256102613
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Mon, 30 Jan 2023 14:45:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9F4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BH4-769zBypy1OTYDthDhODJQsxoZrDG0-GXV_QploqxJkuPET3AJjCein0eYvj6ycd5rZEjx2q_SNkqfJYyTyA1xBoyVlF390SigWhWdOwlkuFrg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4822338309419822708&x=1&ct=76
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame E9F4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:25:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 14:25:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/ Frame E9F4 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:37:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
14919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7523
x-xss-protection
0
server
cafe
etag
641023367890010850
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:37:08 GMT
l
www.google.com/ads/measurement/ Frame E9F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJS9rCq301Qo8GNvC8dbaf7q9I_irHHoFoOkT6l42rXdlH6OBylLryz4ssk3eF3IYrbTIlm6BMldk-gjP-MJbVd49hjA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9F4 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49065
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1674650782302584"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:47 GMT
rum
dsum-sec.casalemedia.com/ Frame FA4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW3CF5K4sC8sEpO2MEO_hw9O3-YL3V2-w511KA-7Whva84rD_3TQy4pYkZCWvlFUa_aVIpsR9cPsj2Ce6y7fHLmTOOgMOWzM5OYmfqpx8asqmV4Z6kiwy7290tRWkstzqF_x9dQjWvV_ZHKFo6z8LrCFlp5Ts1cG7m6I62jSMUaUz8dwQI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FA4F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW3CF5K4sC8sEpO2MEO_hw9O3-YL3V2-w511KA-7Whva84rD_3TQy4pYkZCWvlFUa_aVIpsR9cPsj2Ce6y7fHLmTOOgMOWzM5OYmfqpx8asqmV4Z6kiwy7290tRWkstzqF_x9dQjWvV_ZHKFo6z8LrCFlp5Ts1cG7m6I62jSMUaUz8dwQI
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FA4F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW3CF5K4sC8sEpO2MEO_hw9O3-YL3V2-w511KA-7Whva84rD_3TQy4pYkZCWvlFUa_aVIpsR9cPsj2Ce6y7fHLmTOOgMOWzM5OYmfqpx8asqmV4Z6kiwy7290tRWkstzqF_x9dQjWvV_ZHKFo6z8LrCFlp5Ts1cG7m6I62jSMUaUz8dwQI
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
AN-X-Request-Uuid
71ca990c-26bb-4b74-bfd9-98c6e937da4b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FA4F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNW3CF5K4sC8sEpO2MEO_hw9O3-YL3V2-w511KA-7Whva84rD_3TQy4pYkZCWvlFUa_aVIpsR9cPsj2Ce6y7fHLmTOOgMOWzM5OYmfqpx8asqmV4Z6kiwy7290tRWkstzqF_x9dQjWvV_ZHKFo6z8LrCFlp5Ts1cG7m6I62jSMUaUz8dwQI
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9876b3c3-4b3d-4854-b73c-5f7932734630
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 03B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYs9GbvQEwAQ&v=APEucNWWy9UzhxD80u5IBjFdXqD5iFZkobFvwSPHNx_DR9Q6TpHvxeihdsECZeXbYB1KK5Z5H6yeJJ4rmJ0ni6FJ3Sy37rUlDWVzoPAxe8RBACL7RU1XvwMy6rpdB7ABDYxPJjzuAbVF1BHIRmdJIujDSSVNMrvtnMRT8vs-K2Gsp8DYRsgh8As
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 03B5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYs9GbvQEwAQ&v=APEucNWWy9UzhxD80u5IBjFdXqD5iFZkobFvwSPHNx_DR9Q6TpHvxeihdsECZeXbYB1KK5Z5H6yeJJ4rmJ0ni6FJ3Sy37rUlDWVzoPAxe8RBACL7RU1XvwMy6rpdB7ABDYxPJjzuAbVF1BHIRmdJIujDSSVNMrvtnMRT8vs-K2Gsp8DYRsgh8As
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 03B5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYs9GbvQEwAQ&v=APEucNWWy9UzhxD80u5IBjFdXqD5iFZkobFvwSPHNx_DR9Q6TpHvxeihdsECZeXbYB1KK5Z5H6yeJJ4rmJ0ni6FJ3Sy37rUlDWVzoPAxe8RBACL7RU1XvwMy6rpdB7ABDYxPJjzuAbVF1BHIRmdJIujDSSVNMrvtnMRT8vs-K2Gsp8DYRsgh8As
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
AN-X-Request-Uuid
e6283b6b-ef74-49eb-878e-ce87a551e4db
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 03B5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMYs9GbvQEwAQ&v=APEucNWWy9UzhxD80u5IBjFdXqD5iFZkobFvwSPHNx_DR9Q6TpHvxeihdsECZeXbYB1KK5Z5H6yeJJ4rmJ0ni6FJ3Sy37rUlDWVzoPAxe8RBACL7RU1XvwMy6rpdB7ABDYxPJjzuAbVF1BHIRmdJIujDSSVNMrvtnMRT8vs-K2Gsp8DYRsgh8As
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6925fde8-17c5-4641-b0e6-913540efdad3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 794D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWQHZ-A40lGXwB6RuaGn2hApdh82tHAmx5Gjt6xdhvupuDOF9jhA98gr8P1One7sKiFoA1y-T8dQQy3iS7CkORccZNOjXLZdrLo49mcUBpimAIXiKdkOJS3CEK8RuiHscm-wH_XTYNuDlg0rDlRNFder3ltJT1c999hAcujVMp7c6EJREY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 794D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWQHZ-A40lGXwB6RuaGn2hApdh82tHAmx5Gjt6xdhvupuDOF9jhA98gr8P1One7sKiFoA1y-T8dQQy3iS7CkORccZNOjXLZdrLo49mcUBpimAIXiKdkOJS3CEK8RuiHscm-wH_XTYNuDlg0rDlRNFder3ltJT1c999hAcujVMp7c6EJREY
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 794D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWQHZ-A40lGXwB6RuaGn2hApdh82tHAmx5Gjt6xdhvupuDOF9jhA98gr8P1One7sKiFoA1y-T8dQQy3iS7CkORccZNOjXLZdrLo49mcUBpimAIXiKdkOJS3CEK8RuiHscm-wH_XTYNuDlg0rDlRNFder3ltJT1c999hAcujVMp7c6EJREY
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
AN-X-Request-Uuid
6ed09965-f9c3-4dc0-be14-c53dfe6a240a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 794D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNWQHZ-A40lGXwB6RuaGn2hApdh82tHAmx5Gjt6xdhvupuDOF9jhA98gr8P1One7sKiFoA1y-T8dQQy3iS7CkORccZNOjXLZdrLo49mcUBpimAIXiKdkOJS3CEK8RuiHscm-wH_XTYNuDlg0rDlRNFder3ltJT1c999hAcujVMp7c6EJREY
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c57fabe9-2850-4278-8f48-11bfcdaabd01
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BFE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXHi3bgjEtu-PukyInZwuiI_t8wJKIovT8aKpmRSZHPUHtS8lthntq5oLo1R_ysfwA0C1-VOs4kuvemMwBMQNFUjd_ApHPE0zhVYsmAw_2aLDI1wVJFZEO4SfldzEhk7XPn9ebChXxZ8QXyF1HzWs_PgqBGALSY-czFQNH1_c3wFiknCvA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BFE1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXHi3bgjEtu-PukyInZwuiI_t8wJKIovT8aKpmRSZHPUHtS8lthntq5oLo1R_ysfwA0C1-VOs4kuvemMwBMQNFUjd_ApHPE0zhVYsmAw_2aLDI1wVJFZEO4SfldzEhk7XPn9ebChXxZ8QXyF1HzWs_PgqBGALSY-czFQNH1_c3wFiknCvA
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BFE1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXHi3bgjEtu-PukyInZwuiI_t8wJKIovT8aKpmRSZHPUHtS8lthntq5oLo1R_ysfwA0C1-VOs4kuvemMwBMQNFUjd_ApHPE0zhVYsmAw_2aLDI1wVJFZEO4SfldzEhk7XPn9ebChXxZ8QXyF1HzWs_PgqBGALSY-czFQNH1_c3wFiknCvA
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
AN-X-Request-Uuid
05c5ebd3-614c-4d26-9fe5-96cc1d0f16d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY-OKZyAEwAQ&v=APEucNXHi3bgjEtu-PukyInZwuiI_t8wJKIovT8aKpmRSZHPUHtS8lthntq5oLo1R_ysfwA0C1-VOs4kuvemMwBMQNFUjd_ApHPE0zhVYsmAw_2aLDI1wVJFZEO4SfldzEhk7XPn9ebChXxZ8QXyF1HzWs_PgqBGALSY-czFQNH1_c3wFiknCvA
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
856922aa-0fea-4207-8b23-6d6c87fa5b18
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EDC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXRpsVTVpcfmhRCX_79d_Py6-w16-2zmkqRIhQJuE4ypmNBTucM8IPZinIRpT0-CC8QuXJpg_o_IGQpNir2o2kDeSEG9dC2aASqzQDRL1VW0pad-Epim19ie_S5fyDDTkN8qT-y3dNl6aIiRhOphAuRSOf9FlwiuUFsO2UJ3xarF_0W6_0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EDC7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXRpsVTVpcfmhRCX_79d_Py6-w16-2zmkqRIhQJuE4ypmNBTucM8IPZinIRpT0-CC8QuXJpg_o_IGQpNir2o2kDeSEG9dC2aASqzQDRL1VW0pad-Epim19ie_S5fyDDTkN8qT-y3dNl6aIiRhOphAuRSOf9FlwiuUFsO2UJ3xarF_0W6_0
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECgAggkJiGclvhxlM-YjC4s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame EDC7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXRpsVTVpcfmhRCX_79d_Py6-w16-2zmkqRIhQJuE4ypmNBTucM8IPZinIRpT0-CC8QuXJpg_o_IGQpNir2o2kDeSEG9dC2aASqzQDRL1VW0pad-Epim19ie_S5fyDDTkN8qT-y3dNl6aIiRhOphAuRSOf9FlwiuUFsO2UJ3xarF_0W6_0
Protocol
HTTP/1.1
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:47 GMT
AN-X-Request-Uuid
6a65d7f6-ef19-4a3f-b377-5727d33557c4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeS8ZJBjZWA9gQDlGRjkrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EDC7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK6lmMcBMAE&v=APEucNXRpsVTVpcfmhRCX_79d_Py6-w16-2zmkqRIhQJuE4ypmNBTucM8IPZinIRpT0-CC8QuXJpg_o_IGQpNir2o2kDeSEG9dC2aASqzQDRL1VW0pad-Epim19ie_S5fyDDTkN8qT-y3dNl6aIiRhOphAuRSOf9FlwiuUFsO2UJ3xarF_0W6_0
Protocol
H2
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
29c178ad-a772-4134-991d-9d06f78adcf3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI3MTA4MDA2MTI0ODc3ODg0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F9D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7044248949425&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F9D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7044248949425&version=m202209210101&ct=76&x=1&cor=11858779131684209000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8F9D 		86 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOaVkSlaP34N4WdaqaD-TIzHdg9JmzLZ8u_sKZw-ufF2OZUlEAZEQ6YQuSYKMUFEEgTLeBmhWOznfMyObkr-CNjiFYw2nfmQGqeSW_qAuVYwWMicA3R4fVPRwkborp9DLXiS3ch6_2kG3_sbMVHy1aMKOEyURi55CWYm2cqgyf9IFFLC4&dbm_d=AKAmf-BFwNfyZeJG0097pMyN0okJK1XdKY-4BTEPgJEBS7CzBInXZnKbNKscUhf8hqNjMIBi1LYONhUt49FAFwSL86-_TF3MpHxeX02IkJ4RGry4sE0wf9DYYskwD96AWqjO7yQC15465KarM2LiTMd79NwO0fjpL9NiAsKvqyuYXa9Vc1UKBgUJVcnNwZoWhhrui60461N7gXMDJwYti9asbbpcGd3cubOLrlH26XqJlRnIdJ5zFDsDUbvSp0w8FmBEPbBwTiMKuBJsxnnNQIcOhv5GcTd_6V8SeaAluNaUGUjYl4G8mDrowUrzE7Bw72_Hzm6qImZaPgXleYXxLbXiqDHN4ehuBRQuLfjM1XNUKOhJrf0CPDKiQh2_D_QAiYDk_Noa7qkm2Pp2bNuYq0xtkRsNcqHkAUF-ImZaWKn9lQhWH_vxI0w0bEkQjg1YBsot5gPXlTUhZXfjbfXo7-vTIHHcFLfEf1IrtW2DNVZ4CcAQhWeXfZsch26Oi_wSNx7k4_uZwLuKTkn8lxOOzJIbg6SCSEbgM7ttaonDSvkZorxq962A3hpKdmCaZCy1GuVXW07G9DbXPFM-PWhTYMKn5CAVzFkrcmfS5iiLEHwIX6U7QuiBKuzynHbxeQCbcGp5pzPES8JRi1sDT9FTtKKCV6lTOo_OaXYCH6UX3e_aHGJ1BFnuyQM8WZSk1a95CpCg1As1VdLHbEIrGzL2L_HjvlPvqd1SY8LbRLYWhI9AU1VTM6wCpjQVqqmcGsiuOo94td_BSdULdaAwJnyf7jBsTX3X72agptrtltKppgX7pUPOG0oqBBTzPuw0852wJOS1fDdu3zxCHd7hhIJtAVr8o7IeJ2kZT4NcTmXuoPGFJVYwJjRIQmXfSx-gKu_EIhh3-ZJGt5Jif8gbKXbXokJ2NPkacyFGor3vMxOvtEt_Vt233ardeSRqs5xXSnQQBxPt3Oe4FvBJtYKzPyRoWOI3buPjFGytp8304rCYhKNXSv2LQ7D3PM-3o1xqCjFdC_395mWW3RKRkgjZTvAhjnYcyDP-pibp1mOx4w5aQva4oSMsXGFfs3p9NTqimpm25I5si2Sx5Kp9nIAcewWGMA9hhTw8jmpLaDycJ26-O8ef9rQ5IHSevAcCAYbd8ihuR0zPLtTF4zqwsGpEAMVaf8snP4adG10NFCkFwVtgiMXTizMngTe8oYzZY61v_-YiNH3CAVSM6Z31amWyP3YddmiFHqFfofIPnrtZyTSqtRJI0fSgOslA8EnMw2kxciN9krtAG-ENJaEimTIOkYWb3eaQfRXneOmI3f0Dn-nA5b3OSJXY2gl_GpUPaZz4FS3jVcejHrkjAnUI5L5JnxrC86rajRTuhbI7WMw1kwhjvQCm2ngouYHQLT4laDhqOuKxN6EU36fxgbyiVkwHBNSlq1jpx8WLz4REXEtQDPtzSFwsWAPjndfgaOKoG1OYUAyTpzX41aY00ws9SGGCNRS2dYfhtP1RedCAvmqwGL5_3J7dD9lYndYu6MBalSmnAVRLVfwnHlHHc4Wy7_1_HVQipSRzehSQ5qbnglJhlnnCxIORNmEDyoAapqLIjPbFWYRGUFTEm8e62V26Km7wnZiL57KooYrNIFeJMFMXW3xjNajQDt0Sm0iM_OVHyHHYnQlyqbBd1N_rLzsIzRaSxygmPD6ujQTrtktYFn4JFE-ElXkpe_rtGAfejkaBq-9vCWErLo4S4Zrot4-oH53IFiAycyavwh0lEwh4C4Y_6QCfaHnHaG-Ne71RMwktREVrOgW6EbzKuWvRVIYVXY6FVqSP6RwtipDRDsnuqwrH1vi1E9NnWgVrRMdHzPLUAegVvT-jsd9P4BHYXh13FkLbSsPfuXGy6bWwc0CWe_YLaLyALPdq85oUlzQlWiFp_W3_UkbZ4rhLioHgkJ78LoaX7QVKGVEHON8w25SHJcpwyxVkpDrrwIQzwGS5KmpIGbucy96x-gINaZZdfWJMuUM0oJLqIGRvx1sVOwQJbnjAjXajl-J5qqt6CZ0MHgrTfkijWsEEi70PncjmKOzHf6lJ5brjhLEZJnEATFeCHuTpjYSyUC5Sgq1Q_nK_0ZhOSIeT18mDhg4TNmIaFISe_eYYfRI4ypSjaVyXwDBLOrVEXcYUOmt_obayGj8YgtOygKy1_JmKgZhKAYiiASO6TB0OhWngrp_6qrC70vF17mACb4fl3B0L_UdxKPsZv3szYFZh7CpaLF-zmLP2AU-cINSL2zhLs33c5TiBu9BEAUEG7m3p5pqoAcvpSurldftD9iAFfsgLrgv1GlIzDjZykVIxoaV3QMQFuUPB-UjNMMq645WfJM-cCTq6APx8lFO_3p9awwT0ZsNZ1Jy7Gic7F-RSGJwTmq9L3ew4n3-9GVvGOL8_HFeY-aQBFdTvYFsJ7p6v6aauhJFzb-MyUwesOI7sYYMXiaNz6m9a6LME3s4eauOzNFT8UltIIymq1lGFltgaZqYuYD-lBllFMeWhyqrAauUhLjPmHg89TsmucsqpYjbjdyAzbPgjjT9ZOAYO0IdDN0kvV8piEB8UY9PtAj3h2-HgwVX-Y6jzv6rH2gPdgzbHmfTBWVDE3A-NPSP6wJDa60phfgxl8960XaSjXRR5hwpec6U6WpRkjJ-Ee8YoHRPKPrpk0X6jMSYv79x7mPuMw_0s-J8i-CadOp0Fb3m72OU3UiFTHrnaM5YnSpU98UI3o953QK8lt1PatwhK7XqneHhHVPje9wA0Df-9yGhAEG00c758W8qPDLAOeHNGbl5uqNGJ0vrzsJ5VAzfoblUjhmAQO5CanTi0wxV1-IOERK545XO1ngNdqkRiRxI03Qw44FtH7f8Kq95emzym2BeRqsv1MYX0te3mjr366GKSpsIpe8A3vUB_HRCk07WypC5IyJXarbvha7Xi5ZypjJzw5HefEh5PABoZeQuAy81dzkXqmQaT2QI3ZW7iWDhEm6UQs8U3SZygVL6PZnPXh15S4YvAEtnSegvP6UdkMF_jiuG3aFfBLe-RVBsIl3dCcshIu9dsGOI_-Vf_iZpy3CTs5TfCkLFmuS8IHo_AOBPhLoLIfUNp2goPnXzE9hJ5kA3ROcCe7VHFskmQNYfMbmebkYSvpNjkQeL5KgfT03qemb4_srRzMlhU9tz7njHhCYR8A-f6tGoHCIf_TC6xMhwHiKCE1IfPv6azPVmnj3qHl_TkL0sQCMGOk1ks9nPjjt3WNp2AByhkeJAtekXd2563a0ohjolnNp_ZvxIgikFmtPSDUP7WMsbBP1Jpg4Dn_ni_TD9sq8Po4UFUdy61oGMZOyfnZRTv-A9NXspIRm8XmAE-EDpuOXJ3nWb3DVQo4GlimDPsFjghfyfBgUixthUK345bScyQqZWNRfXqFg9LijCYaLC7eJXnxCNhpporzhEebvqBjwLQ3PKNjXy8sbGH85901Vi2oSWDcg3amm26BrQu18_MksWzjSDN6Q&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=11858779131684209000&adk=3037181500&idt=73&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3577296ff24d5c22f8d95992151392e2a41256892a093eb05bed15614e49cc11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36487
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7157750137578474642_14974480233918161460.jpeg
static.doubleclick.net/dynamic/5/283919417/ Frame 60B4 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/283919417/7157750137578474642_14974480233918161460.jpeg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2b2925306f16b7a1e252d9cab0723bfba39ff84b077bb4795762df898271a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 19:44:45 GMT
x-content-type-options
nosniff
age
241262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27428
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 04:55:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 19:44:45 GMT
truncated
/ Frame 60B4 		166 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b206714458eb67bd42542b592a2693bdf7e0f3e2d8f86bfc0271132cdf63519

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 60B4 		169 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
710bea197e3c2984c702b72b91f1d37363d121ade3316ea9d8cadcc3ca4a684e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml
1021183223145371140_11106654947709478255.jpeg
static.doubleclick.net/dynamic/5/283919417/ Frame 60B4 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/283919417/1021183223145371140_11106654947709478255.jpeg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65e3567eeb1648dcbc9ebeb57739af4cbe6b29c9af50419c3cca44b726f9084e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 20:08:56 GMT
x-content-type-options
nosniff
age
153411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31582
x-xss-protection
0
last-modified
Sat, 15 Oct 2022 13:20:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jan 2024 20:08:56 GMT
10329325893508853963_1561793373445839902.jpeg
static.doubleclick.net/dynamic/5/283919417/ Frame 60B4 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/283919417/10329325893508853963_1561793373445839902.jpeg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
331acca9f6cc4fdd17014dae97d536a7106067c1d0adc9093181e802e9c2d139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 11:45:23 GMT
x-content-type-options
nosniff
age
529224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40970
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 12:47:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Jan 2024 11:45:23 GMT
14411452190490465889_3938513969989492663.jpeg
static.doubleclick.net/dynamic/5/283919417/ Frame 60B4 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.doubleclick.net/dynamic/5/283919417/14411452190490465889_3938513969989492663.jpeg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2524a32757aa44703be8a8a78e64f32794da290f29b9dea6ef24c7f368d085e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 07:44:07 GMT
x-content-type-options
nosniff
age
543700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36030
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 05:11:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 24 Jan 2024 07:44:07 GMT
11219243522209494208
tpc.googlesyndication.com/simgad/ Frame 60B4
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC7wpjKpQEQsAkYsAkyCLFotOMqCV6b
  • https://tpc.googlesyndication.com/simgad/11219243522209494208
82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11219243522209494208
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668967d6654e543508409f29ffe950f41a09b124edd50cbe50b375dd497fa2a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:37:19 GMT
x-content-type-options
nosniff
age
101308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83632
x-xss-protection
0
last-modified
Wed, 23 Jan 2019 13:38:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Jan 2024 10:37:19 GMT

Redirect headers

date
Mon, 30 Jan 2023 11:58:18 GMT
x-content-type-options
nosniff
server
cafe
age
10049
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/11219243522209494208
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 01 Mar 2023 11:58:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BF6D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=4384104399971354&bg=!GBulG1_NAAZSrDxfcqw7ACkAdvg8Wm7QVrd-DFJQW8Yfiixn5FTCNX4PzWNkaZJipsTbNQ4CWLrNFQIAAADCUgAAAAJoAQeZAqg5RM3YdMEM8CmcJEaw5LxWRxQxNiQXl4_aDs2uOQoBfCAqh2QfR5dG5TNE5oyGv3UeGZEiGi8FXBcgmyzySys26A-Fu1t46MpOGyEA0B1ySbwD7GRUBSkDWCCi2ONX9U92G6zQmZ2GPyuXR9TNBQOLLGUVijo06WAgotszWbgNpJpRmzZkkKpAioMaP-1Zk82diOuPVMs8nMJ_IaaFrm61fN4CqWVUN-yhJp2nSYEgP5uiuL5f-dRCA3i1Uwozs4AqKgs9TUBO0BdNNJzu-jQIBLsDrSjuT-mdxcPZ_gF9cEsPd-efnSMIiN_MRK8SCSqMRkbQiEDObEzwCCkRzkYk9HhLYm_3j3RcZQGvqxF5WoT3IKASPtS3pzlY9fPWUyRvFqVeKIoFtk-dNnif9axKnza9nnrWS2r8Lbk01JagfwU06V-dl0iAxFq1ah3yPGDuPEF4R9YBTzgnklzGQKHGfmtLwjYlH-kvVOiVXNSyeSCWiHXP3yrcylnqI09OptIaLPrwLAiWnvdulGstPRPNAv2rPHH_lGcSUOctegxTgmeCgdy46qyf_-YIATgI48NxIEBayd8DIPdlCYpSnCS6k-_4ErX5n6lc307JHn4nwBBpy0F2Z4U7kPQDZWRjycZmTRfhj-unHAryXiFwv5zpuhtyc8ku8sr8N9bGt7rC55lUDN1YNt9YiILqtMkcydwLyh3LFy9b9MzgJOq7cLSkIaEs8JvxbF-ueAS4NVljLN9n7hbbcCzYPhGJpgbhbcnHSzoPgPDZY1GQIdUfcwapLIpC89e65_Z1mbe_Edx-73dNIXVMKkS1XCezw4RyRTAo9D-DLeR62dBKaSDkVi30YPBRoJOkDlgwoaOtJFBD1OulXo4i8IhsBFlyb7aqljOr1Gj9EEz8iA
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
shopping
encrypted-tbn2.gstatic.com/ Frame A599 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ2Iaz7VpTj2lBltQKr8sCUpz78ipobhgl5uJWoD7kqkEP3qbVWHI30FtFuoWc&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad19787d6918da31389c40e7a0f575d175511aef25ec1d6aa7339e091e0d00f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 10:12:11 GMT
x-content-type-options
nosniff
age
362016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21035
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 01:31:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 26 Jan 2024 10:12:11 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A599 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSsSFayhFMukI1KYsqwQ9tIEU01qL-9LLWaoG0nY2uguKs0KNCZMhadqlFgUhw&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec66e5c012e4e56f1242b31faf24bf855acf336c821526ce64d7150d7a2355a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 03:14:23 GMT
x-content-type-options
nosniff
age
300684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26028
x-xss-protection
0
last-modified
Mon, 02 May 2022 02:12:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 03:14:23 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame A599 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRjhnb_yD9_7LgKW0SpL-JkiZF8mopGbnaUlCx8A0ISN5Fjp7rp2MKs2C7GTQ&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e50a175497d44d3bfb764d99541821c913fef8630d0f7a6f78fb31efb64f96d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 05:45:25 GMT
x-content-type-options
nosniff
age
118822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17112
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 02:38:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 29 Jan 2024 05:45:25 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A599 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQw7vVMBfYohPJ8H6dZr82T7QTSL9ODSJRKeuUjG86C_mNjc4MPe2DZS8H_X9E&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59f576fb077be32309f57e24d0371f7af27a3f82e91aee4a727f573ee9ccdb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 19:12:35 GMT
x-content-type-options
nosniff
age
329592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20024
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 02:18:10 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 26 Jan 2024 19:12:35 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame A599 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRnOEYQ9zE9_p4CY4g2yFfbDeGGJPFciR5qWgbrQ85QCUNFU72R&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72f5c28a9dd9759817eca2838f7181aa1298dff4c323768182a7c6a3b81e4bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 10:05:24 GMT
x-content-type-options
nosniff
age
276023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18274
x-xss-protection
0
last-modified
Wed, 09 Sep 2020 14:09:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 10:05:24 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A599 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CENdqGtjXY-yxBr6U7_UP7Jqe-ATos_3Hbu28h8iHEPS43Zi6MBABINGTwypglYKAgKwHoAG-vb_7A8gBCakCCG33WeNHsj7gAgCoAwHIA8sEqgSQAk_QIk0vqqudam7HIV6j9qVimb0uMgXNLtJ3E9vW1m9lY_vP5S1Q1xo9mshtDx9PA7jgYhrxkNXQ20HhbAxuSr7uYLQhZBCLeIyWFzKMQ8aBCOVa0-FnTOEKV6Q7cGCkyIwUXEt29wstkdYntFiYuZB0EhILQaOm6CqGP4QOFKcKR6HByer7FKM0psauVmHo8_KcLENfKDGJ6cMRReoV-rpGB9ruo6AmsD5cq6wRGzJ3yhMT5Q_jNC-iIpXxLCH9QwU4xTUD3iJgO7jKaxJZyPMNBTxx2UXou2w1YXap6o0tGPzoq9lOOXbEsbEvuioCsMUK7WBJttBy6Qdc_gZO-WTZ0WartPjwmggXEKLabAh-wAS5loKtjQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHqsLABKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCd6R7SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=wTNGf4Dpk7c&uach_m=[UACH]&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&template_id=494
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4548 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
shopping
encrypted-tbn2.gstatic.com/ Frame 01B6 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQ2Iaz7VpTj2lBltQKr8sCUpz78ipobhgl5uJWoD7kqkEP3qbVWHI30FtFuoWc&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad19787d6918da31389c40e7a0f575d175511aef25ec1d6aa7339e091e0d00f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 10:12:11 GMT
x-content-type-options
nosniff
age
362016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21035
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 01:31:20 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 26 Jan 2024 10:12:11 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 01B6 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSsSFayhFMukI1KYsqwQ9tIEU01qL-9LLWaoG0nY2uguKs0KNCZMhadqlFgUhw&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec66e5c012e4e56f1242b31faf24bf855acf336c821526ce64d7150d7a2355a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 03:14:23 GMT
x-content-type-options
nosniff
age
300684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26028
x-xss-protection
0
last-modified
Mon, 02 May 2022 02:12:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 03:14:23 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 01B6 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRjhnb_yD9_7LgKW0SpL-JkiZF8mopGbnaUlCx8A0ISN5Fjp7rp2MKs2C7GTQ&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e50a175497d44d3bfb764d99541821c913fef8630d0f7a6f78fb31efb64f96d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 05:45:25 GMT
x-content-type-options
nosniff
age
118822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17112
x-xss-protection
0
last-modified
Fri, 22 Apr 2022 02:38:34 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Mon, 29 Jan 2024 05:45:25 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 01B6 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQw7vVMBfYohPJ8H6dZr82T7QTSL9ODSJRKeuUjG86C_mNjc4MPe2DZS8H_X9E&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e59f576fb077be32309f57e24d0371f7af27a3f82e91aee4a727f573ee9ccdb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 19:12:35 GMT
x-content-type-options
nosniff
age
329592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20024
x-xss-protection
0
last-modified
Sat, 02 Apr 2022 02:18:10 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 26 Jan 2024 19:12:35 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 01B6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRnOEYQ9zE9_p4CY4g2yFfbDeGGJPFciR5qWgbrQ85QCUNFU72R&usqp=CAI
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72f5c28a9dd9759817eca2838f7181aa1298dff4c323768182a7c6a3b81e4bec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 10:05:24 GMT
x-content-type-options
nosniff
age
276023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18274
x-xss-protection
0
last-modified
Wed, 09 Sep 2020 14:09:38 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 27 Jan 2024 10:05:24 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 01B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C-at0GtjXY-2xBr6U7_UP7Jqe-ATos_3Hbu28h8iHEPS43Zi6MBABINGTwypglYKAgKwHoAG-vb_7A8gBCakCCG33WeNHsj7gAgCoAwHIA8sEqgSQAk_QtNYhqriQi2vT3wyK6cekNBuU_ipDaKIGjFkrlWSrtb7r3iU5IKgPsCdzKQT5Ip9a4FiuaT7WXKTo455-EjhlyaMc68VDN_x9P1W4G4sPi5UIN1tVkc3yjQlBrL69bU7RaW5IukNQyRZE7Xt87h8-BD8S0yAuk-X7Vrl8Aay9N615c0jhzXvYWdJvLxhgARGE5e_spSnEOL4PZqj_U4LuHLJWA0JA1OCr3DGWgiqAk14k2p3oksnxbZRb1u19yQl0t_cUKDpKCY_Ni5aVLZjDmUnTQZgQKouauFO4mJSxJU1UakXE_NftMPPqGd4vqL9LMlPcXAV02qYRuAqIT3KniUgVt0rd5nb4AYq6sMgwwAS5loKtjQTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHqsLABKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDYzx_SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=KURF7W2u4sM&uach_m=[UACH]&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&template_id=494
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DE06 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 60B4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfDRfGtjXY-uxBr6U7_UP7Jqe-ATToPLvapngosDtDobEj8GzKhABINGTwypglYKAgKwHoAHfgfr1A8gBCakCCG33WeNHsj7gAgCoAwHIA8sEqgSLAk_QhRNndICaWxgWR_BrREOYGVcPZwk3R5v6odpK2NkWTVBrIm05S59-PdfT-LFd1oDnxMFGvocjg01DgX3Brjn30ekMMdROlD4GZ7l2o4YDxo44YDKfUNUx4ZjPtJsnED2Rn9fVARYKQBdmOjuQ9zk410bcYK9hLV6a3vd1zVmlm5zmAqhiZfghC0LOI2eCfW0w15WfnkUYlosb29283Ua9HMkUhXJuvgyK_dUiwbOSfeliIHhbVlhLLM_xk8EWZd2OLPgbiY8km-wTeeM0OPCVF43-H57hXMnaSPXMjqWoe-XHCaB6UP-uvbJlwHIzAbj2XVSy1mYMRtjWFkMs0yN6_iQyOP1I7-5MC8AE1pn9jt0D4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_ubsxOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQvfcV0ggRCIDhgBAQARgdMgKqAjoCgECACgPICwHYEwyIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=IZjk7990K5o&uach_m=[UACH]&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&template_id=494
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 28E1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 60B4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e6135c072c19defe78d09fbb75fe4b63ffecf2b8210e7ab186d3bdeacc940e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A599 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bfb9adc31fc1a6f6d63961d40028ae570693ccba8a9345eb4c9f3c57a0288cb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 01B6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a24f46d72c8eb6bd9b95f0d16ff7dd988fd9440c15f7f0c152645530edbcc52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3767782780687&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3767782780687&version=m202209210101&ct=76&x=1&cor=14190400931800054000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 10B6 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4OmwRXqlPlxM4tHmc07pGMy63VEiEeuatQU2JR4SM9Zzks-tyJGiqcXX-bLubMoXR50ajMwchr6V957TyKhtzHbGknCHSeaoBc1I0bx8HyELI0Lh44eROZgxfWNzmXalZpawX1jqUQiy_HnfRGbbM7D975pLSMnpWiLmgZS0gA7bDHg0&dbm_d=AKAmf-AK0bWTRFxPjTUTwf6REkFmcDlB7sva3rPlLdCE_6A-tG-4wyEj8aPvqw4IjGpYlzkkeQ_5jdznYeeXgRb_qxkqdi4nfV2jbnkdnTlOPnXRGZSf9A71iMetHkCu0-rScPWD4cKL_DWJy-IoejSAgFvVQaOEKJdTxjdPAihNLQt5cvoz-UHRSUe-mHiCk_mnVWuG2Xb9bmax0gx2SOlZJEu9WEaOJE9JoAAZOT-3Vy3HnpybL4xswgsCD37zZXlAhr41bf4OgZOa2XOp3mQU_Z8Utji0YukmY8KN1FpVRBFxfLCEoxTS56jwH6oODkYY2A_zgwJDZv2whd8e1qEyAqezH7QhToSRpcy7YYAxO_YHaF59yYA-WHbzhB_e_jHyj3zRIMYJmPFEpDiWcmZ6DFgWv0C7b_Zf0mQNNYd2EXQXMTEq-RSkHJxxztsLa2icQyXMP0FyFV5N95qxq0XpKu_MP8x4KR_hcRsW8IFfCOyLdox0ou0GcAxFmEjXCVb-uVDJAYx1cxL5XsAZBz17z9XwTfgGKU5K4xHm7TprX5C8o-Ifc14-_jTpru6NgzEVl7sOXf4DHv2V2UAI8XhQborVU1dxf0Eg6pQb8xid_XaIZKxqDqkq9M5xh6DePq8qr-MWHB962_ISOkLkybD9cHUoJx4APvi0g77dCHVpoJ-zKEkVg9razdFhULSf-u1uSTrvkQTCLu_2nZdkVJl8ud-197T0ilFwTGY2KuOHjcthRYx9mefg-OKmKPeF616HzS1-a2rTUECS_s8-iw1Kh4N8p96eLEW_PMHomLBcb6-z3REaJbAMzl0TTdOOuDvpigjNMvCcTckrjRWxsDshLS3jsqnw0lq9EP4xsCb3uNZqzvRZ-4cG-1b7geE9KdF3A0ZQmXrTKdtviDrJ_yWfK2uMJPg0WbWuNrU3KqFDu8M4KuxaJMUMv2OxUK6tQXPIjhT-jEM4hGavCnVWSa-M_DuucbqU5g93nxoXiW13HaIQYVRGkKFmwLWI-hOVinanU9vfghrqO-tzjNmiLKf468w-TdpT2AgwbDU_Lj1QbaCF10j1qEVFqtqjTi2uHv6z68upRwePZfChNh90R1YvfDzzGXnVuqGfvoNU0GUQwH3Gung1WuKPs4FGgualhxrivibJdJIZDzTOzH9bbEMrvsneVNESrhPBUOG3xMJEMYvoQ3QJHBiFPTUlMXBpJZy1urUZbSBhXZdOhhw3U8EXk2vC92euQhmyN6lHTHdkEnfQ6gnsSXkWvc7vgJr7GAZ5n4M02KWEbbPAGHj8DXYB1EYWpkRsO1PFY2y6S-73gdLsLNvuDP_sTGfAXLpdu6zMReRFocYIElYrrWNVxnvZpuyAAMIlMdkrt0fstvYkiRwWiGLoj4ayyDPY5Q8qm9JFID0r_uU1r6-3LoIixvx2e7yuTtzhLK7uwgI-XyoJZX02j_FlFF3rMQCkDCKHiWlGrQU4nbKrSJFconJNr0SUhLUjzFyPHe_t5WJrrkl95GaLY-CSQmlXgzTz1vgm9IyL-MX5TV8n2ORrZrBgATpE14uIYXCPr2L7auMKFqR3U_Fk0A_L0ta9zBi1hCG1xERm4ip8Ad39OTXU_Ewa2GANBqIf_mR422XZiXqs1PW0HHXVZAm1HAUMuBhUksi0zxVzoWghcHHhEz2U-FQuge1XN9LVOvFkwiZ7rpGM2kbIevGxP3cUCXzbdO_CZ7P2GisKXrkGNAmYE7Xaiajb7Yre265UjpKFhfV4clmSpnZ7uEOA3QflC1JumiRiFxGSYerm16XPn42FinafT3HqkpBJoCHk3uyTQ6bbMW5e4b6BCWE0zq1ZsR2uLvD_g5S26d76rwwl-mOsZz-esFIiOj_xZ30Jptvz7FTXG-u5wT7uhy4AqEEYaVSv5HAsSDUfu-kUiZ2m9x_nfH9cYPm__PyfFUjh07mVax5jDUZhSY-uw_0TQuYKpHeJNwRCiV-lp_EZfZhozQrA0yAoNDwziTl6h6izG1u54ZpQxcvickBvfyZn27OV6_jvlrZsl9Al7V9FiPLloKL2Se4TPks3AS6utVVHZTCDvcrNHWX3NcNoCT2o-jquZmbd1h28UwSMmmzwrEWMAKMY3ju7VLUyURBrNefvkg0WVfI2JgI0LKiuZYsmqJgMbjWAsH04sLOl3VKY1jYu3ajmObsSh65ZT4ET8Z4PVCysG2tQvoukBqEoVV2_QOJWHSniDUxpW4WTJAnxwG1IaGZfUmIVSJWI5REg4yriKdlpk5w-eb5mqvfyyetVFfKzeF_wEdVV8hRaq5gby0S3pp_vu03dlbPd2HCROdDQVmKuC0jG_4el71ahJq0pFxzSnanmAGoX9jCI_3kCxjwnm37vrMYTQ8GCddA2gzmJStQWULBNQYTCC20VC8igZ_Gy0Q3MQ1dB-cATjM5BqITNNajnuUXoVFxgN-2O1aJG8-I00jnvqHv3H6zSkPCgKY0iwi9gLNQKl_n46S-b_MuPgVdHhDXUKKstD0fw3s6ueNa4vd29hu4ndd7PUk6PQBSJoBSt1KUqiRDHHIEAfBdmzA1D2eSlg-5uk8fpJmaSm-jwWkHhQra2EtWYZiSUdEZcChOiryM6Dw66Vlr1_FiFGg_nkSssUw944R5TZwGVqp9ZShoyNIIJ7SjkfaDS_dxtZBW8u_r_maJMYmVPtmqTJbDEEd2YQsfn4fpezQWGRklwM4D2PjbHk62Hzng0aZygPeGYDfJcl9UArRti12yePEhvlk8Iilr50qwj6U7JeLYoZ9KNlZc1I2ZYxRJS0ON-pzlby_MCJ72bf6l03oew_UXxRIgBCiIgq4BHFxUhCMplb18cXYnh1kmZnOX1vMTiaHkXxhE38suvv4JQnHxwbYE6AMT-eUV3TU083BO0PvJpVcTZZ7Oadm8_DG6Uj6QrJE2QsKNk7DES9M14hTwsWVqv1JJ5tkIufMSOLyaLkqlzv-7FR_PmYkf8OeCkPp8uaPbqkj7zJ1BZrNSBMX3GBeAHLcilxAtjRUEe_S1oF6_oF-xazXFSKzWsJfsRAnMFDdFZcstQugtEfTybIhFovVx7ZUfhFnr0XEYTnvOlYi4NnuBvQQ9X-1C29keaXMk6_AIXjh8n66UJ4-NNL8JYWHHJhg8vORjHHJ9ojOXWqYVvsjTRzEdXXzztC509OLoocsVu58Gk1EGUeTefiXK9f8Uvu5lDbZFPU7Ey6bhFbWQwVPur1gQiM1t6sWGtnmuGXngLkBZBko8xvGu58EirRj0m_ejrB-UFC-aYc8_Bm09qKl8-W6Uu1C1BSWIc0QxqN2vow_DGvsLD26uyFSvgBecwm9md2DUu9o6usCA9ifdihtlcgMaq5LrQX_sI9JcENOXLdU410bfBimq5fRM6U0uzyTSbFLTph6ke3HjKu51M-1aHudi1v0ROH6ipT3tVENaB_FdGnsf7kl9jHUH8HVrWk7NBzmOVPBgG-f-5EJkHHfAJiqpBOMWN4qTPpNkII84KpLXQEXQ6tD5K8e1C2_ZF4Fngn6_0Zo7fUIpJYBStAllRVJJX-GUoJ9ca4dwN-wjgJZmP8P3df5Ia5Jxq8s3jFOzOtExJCicTrf1hXablse0Nmytw8gQGXEG0lNsbKTY&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=14190400931800054000&adk=3661671305&idt=164&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6a3c16e5968a12e55b80eba6ab3b31ff033153e48883830cab45bc54faa3d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39117
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C826 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7109537065992&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C826 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7109537065992&version=m202209210101&ct=76&x=1&cor=7245488825463465000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C826 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkuMOndcm8_KG1Yu8AiDyj792zw28mjHmzbtRsIJSj19sta415p_2tH0PnZl7NQu9v7ChwraRRUjlRtE4s0NTYmj8rGA&cry=1&dbm_d=AKAmf-CiE0mpbwIOXHJVfaAfEig0Wkh6t2pIqa1bBOyJfC_gqPYl3uULa95Bn_ulnlh0TGTIp-9lUA4ql4k_CPjbYBoHYnpvSX_kDXkcbL6P5awrmAlCde6sz-vOaD6-UM6afJAFnWvHJSvgcN0hgsdKBQD2BTCigkMxMmhP2PmS5xZlUuHmPovwMSz5KK6q0Kz0oQS6E0celOOQiWCp6yFgKqKqC0NgezmaY-kUsySbq5RXKGAQMSKOHc0NtgoeIq_kgk-Oa_ZGfFUTA479RD2P4-1e2A8SfqaTJ6wmZB8AjafdYkDkhQUBOG0KeEutx3EyKHqoYwhIE2J_DqV7guVjjE3vayjKAMwJBLMuLvu5TMnypNWTCjYPTwsh4dCR-MNHDIV01HjICDwZ7s1FIdODnEBoH1QXbydSOqXq2U5kNlan9xuHKm4STLqqb4wZ185P77pr1ymwDMDZYbmRCmx9BAbipWWyye4NBpREtRGghCRjgRyyUjVOw7Jqvzt5rBmyEStPrx0Cl-M3-TFDBkx6ZRWbO2Xz-TYH39lI-Ie2M7l_TX1wjGaVNWtdk7iDV3D1MGfZygAFc3YnRfsr-jfZcbgXKxNA97jq36o1JQ2e8hCT5FBEN-24P-vo4O_pbM2WOcm8SnHA0fDcXwP_3SMpl0B6QuyHWJh7TH3B67NbccSm2EUMtZ3wlv_1na1mYPC4b0FiMZLMMQ0ge-tCOhzJRI5E2qVbnX15mszKPRNojW3r9jXqkIjcjGoy18tFnJz9FkiYrLYi-uVLKHKkan-FVX3k1tHJkCtptvbT8_kdULevO7NC0h_Yf8Bz3moefAyaMqb7rBilzRnDjYcRvnYHQOLDI3yCRWF-y0pTt_BDmzhwj5Z58Sg7x3j1uqSr_ti_9bhVWI75vApUV1jcGCtyBhBoXEwaff7lzAf91w6T0ySzP-I1j0aCYpgTPeFAFrHj5YARP7yqoMC_O7uViCfsNi68HCVMhDAqyOV1D1meFTsxPIQeCw8jhvkpSHQ35GUnyoxrP-Diir66FgXA9aVURNr644olN_g20i9BaKaj-wPs6XrOxGNKz10gFWAMa-ENh40GSgaE_kSZbshkFF83dtF7ZsQKSzx2ONUP1C-kv6v3JOt_cwnqLt1WCPPK74l1fbmB3R9STDfO0wYsomSJKGYjVNS-nfo7HiqaJsJ6b3TDmZzkCQDpcCdlcieGTK-kqBfQIHE3Wmc03jMIsMsr3dAlh4SaYslv74ST7x8c0A14_yoHRT62hWJjGbZ9NaMc821xhdh1YAAShpBI52MufBRHDtck6FP1ejjKz8CGSlsrhAkfak043OwL9Go87Grvgqrfdv-KsEn3c9NofRdPK__LjjEZLxU38Iv0bmj9iYjfQBnVuiKXfa3RigBgpctmD3pk4d2lxuoDwTzHN2Q8GGbWQnsHBuZAghTPYHBAvVN0DUOs_oG7J9qFMNcy7BsJnuuoH1GPN1bRk4VZPPYf9MjQTPSYV4_9b9O1fx9kiHD0YOWuuvRhzjuxM4nNnG9PujTSdTqdaMcAw89cHIDsA1i6SFS_Y1HKd5rW1Tdtso1CLhZQ4IKMBagks5n24daTRz493GH7N4IPud74B07MSCaETrSilDXBG_UYwMPkkGWo41a7vYGn-izixPnRuh7bF_lNBMY9e-g9BRlyAGenGSLK5JiJXtauxpzLiLC-APXXsezitOX_w_ZiQsRa_AIQ_3dHyVQV2L4-iqkS8wPZw658GvLqIKiJrnfQ1bQuzyPfCkdIOc-t4JowVzpbXJ7WY2tFgjl6ImZvtszuhlwG6XuUsajWJdaHlTLiRSQPYO76WBweqVksw3cKwuEiR0hk5wVNqm2QwVPUnJ0Z6deN_-gSX_Eo-ULLVMHeiSqk3L-9LXhHhBQfH5tPI95xJzKhNRNqgGRHgk70LkJODN8UD4QDYE1Rn81-806RcSi2bkTUHqjHcpPHnkuZrsrfCFiLLnnVJsMy5YRGAJW7k4LXwaItwwtZOs20imoUpY-nsFpSDMhRtm3cP-qt4XTl9A1u0HrvOLiQJGJgu31lqDh35uEntfd264vTdI2SDnsRV8-Xz3xH4pwTwpyydcDMjJ-EzhxS6cURmeXoFY96UBxzav768C5GTdTFMd0sDOjzqNY7Yxu1y6vG46STW3LP4pEyrLoGQ6B4VE8a4r2i1HwxCdfLFhUatUSnYosHn2jKR5aTPMeuyXt05u3ay3xu9RliDs4-XZBrCfsOs7wASg_4jh_mhhaXoNeVYfHGFhHnJBWOgKziH8o2K5o27gcUlt3CdaSfLBj5LWuNRdUuAGWEq4gbC4EYOogs1JCqFwXKWjm4hlX3filaSsPDhLUE2BcVop5NbLkMRYO-3INcu669uoaMdwhU4Jzg_VNcphu1U4zJeQKAgf8ZLngzBgaZEiFyYt2TJySeNXC0xSXq30cPZGJ5m4SqW5xPbGBAn2cX_BqfYemYJAXbwiOLlBfTRoOZgTg-l9YNH9RDWoCbChvdOT8Z9c5-zRRfXPq16NH3tmexdWmc43A2FP5wYppLT07A8BUkaTlE5pKk8XKtY608web1EX_djGCe-xyfHvcjq-5FqYJmfK5qs5O0So0OraAGvu8uw1coIXf8Pa9rJjcRiq0Vujtdch-8k_p8J-gXrQ74sA-JU8KA51u4opuPqkvya3hfLykHe07Ja8jHCkYAQYpiHqIEoNohDbgn5qdNq-Yi1U95VsvkhulCRagHh5uYgTIbjjIQo2-i0Ugd50Svx9U3TNwyRW6mWL2LkhN8myKmTDc6vh4TzYf4NowfipWEjw1IBvja9NHedz1nh1cEyrndyN-MvFjjfSvCgHo6zje9uIApbAa6vSeD0IAojAdhzdxjavLAUg8d2NDCR4cR9PLfberOxVvhSU2u5FJH-AFfeH8oPlepxMuyaEiO8BjuCT7qV7BVvouK0lof0nGffCtczy-xi-BUtxICP8ySt3euGXTl2tSUXduXzktSaUH0P1EE2JR0Fc0nb67MfcrBzJXICdbeAKk9daDMh2QgVW8e6_-dpRcusrtvIqn95kQsZQjrvRGmOlNiu4Tru3B9nx8bXEgYHMKmN9mKvlkP8vp81F6Be7ZdXdXFDMfGpue6EnoHIpE2bD11gZ0W-AgJFDJNyJYsJUWhOLMSJIGdEt1aPwCKOM5I7B9a5QJToBpplgiICfdlLjfXTB-VdPzB2jEFzubZcfTwh19iomuhX4NUqORM-VlGX0GxH-yDd3ZZzZuXABeAHUkFJ52PtWFdQtn8FEqWhMV4v9dZAaFz8dpmrfwVlZpd0blA1wwRj0Wmw8tigpOMWaUMgOuaY7aUrzKHPfJEyZPgneu_9gUIyUIH06YP_vU7BGPrXk-_ubpF1PJz2wKuHEZaokrkrLw-8APYEdbbHUxjPdFWMZi-d3br_VX5M_9juwtgHfVvcLTw9eSZ-RjvcCLS9tnn35fgmqM-V9i0V0W9E5yhcJ0a2SJyunnb_sw_sNuFW9rcTw4lqZN0akSZQ9wHcrgypgB5KkcfZ1bRqzolcH2pOfb9jFVzsyT6XczUQk-AvHp8xWO9nLAmudW0wutEjxqlYdTzn80EUPRXlQ&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=7245488825463465000&adk=792902355&idt=168&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08ccfd969a7bfc6fc5ba95d30b81005d6ff9c960f75f010f00c6b602dae95039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35931
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A135 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5984981385024&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A135 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5984981385024&version=m202209210101&ct=76&x=1&cor=770689035717638400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A135 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5WXMVX785rvKZaJoSs7tKBSzn7k8gxN65UJsHK7QhmlCfFZz1NEyvyz0Qpgz1z6vd9ax8RdKU4GNm47DIhVQAlHBSUg&cry=1&dbm_d=AKAmf-A7TKpWkvivf4-NokGjSBs2drtE6KHCHthjc9fZgq2GZ5LL09wJmwCPbIWDsrcQ9qDtO3iiDnugf7VEdc4V6GnRhLk_RYLMbFcryyv_ylm9sC2exynaXlXVkaPvoNdpLHoyamXpwkek5wGKOP2ixQHqkleTiynI_fuV18HHi-41xl0TGwgpLu702s3mtOZv7nBb3dZKTAEhib8Bqe4-doUirFrztPWQA6w0fPTq65cMMNZTETjtsZuPeHJ9Z9SYvNQZFA-mb_qUB-OBh_WOTHhLn4Y7mwdNvLQqXDd25EaxMnt3ube4IoTP9Mq4M7J2XhBt650sTLGZy6txRqsToRs0FpbF3s2hspfLd9Ox8DVeswqDMbHBdT-R0IItCgWwC4DqkCwU8XgR9NtSrw2FUjCCQJVs07f9e7kRKHWwe7ofO6Uca8cFKubjHoV6N7TemSgmOgadQtxcMedFkTuBewGr7Bj1-58S6yJPJfm5aV6f3yBMfD_r3yOBBcu831nT1Fg-m0r_togxSA7l75XrXWcVkVfJwxET51auw952ThXh8wdj2iecuD6He9RKTky52QSnUrbJ0fndbLc06WVvZZXBHLxEluiTr8ihdl6-yBnLSGtp1iaoTdnj2FbaMST-29cnLwKg6V3BVxPHKbYZEfosGtl3R3Yg-ASCmgEVcMVZBzB3rgrktCQ9-ELeh03M8Nvveg7SBtzJ_tZ_eolyklNZpwaebJJ5r0LKW8RUZz2QMhA9lMNCSi166KBBrcwSLnEtQCh0gOuGI03MaFZ2uWJeQ160q5i7RDoh_ForapHqJYpcc4k4xuFfbgnNXdb-QpPiFWodXHadeywYgoDwzqRalUJy4kL1WGdrmcArNYyXRqC8ksyd46Gpj4cSeNhBU9ep7sUBgOIeK1J6OVd4FFs15Fkk4KD1iavPC6tDMG9zQC8htiDSgF290JnW3RIE1kH38YPGXV1SIOuZQJ9z8puvGgUoKL1nSZxQzZF6dmKaBjUa_iMG_uICCsziKfaQV59ihxEXftR192r4l7kqQpXzuHowR9mTXMCd1GRPNiDyDu07-aiVgsqQus-_tFCvb68rKKD2ufT-DCSWHbhsj86jONBHblBSW1WCUv1g2Y829G1YFRnwiJ9lmOhITrI_p-IsUTxHiUbCKgyLcr0_iZxqnCTY1qQD_mAcOSahjlNSXL_3kyEH0t9Fwgn704aT3ZN_U3x3iqc2sHtS4cCV5j9J-yB_4vTwF1i5s2X5JOerVbApIU-jQPyMQ0ADq5xTkCGvxY_FNO5uUgTTm9JxgPd0wwKbxNfeyFCCf8Id1b9cqA-U1ntK1OXmsYXyYTxMo3r1uIHgvkWw2qO3Rb5geNo2eSE3rji1byPhIZfxsFhIKxOnuQr-EDHbD3VPngKuGy_zPsniLoYgihliT4gCbeWmh9Vu6HEQFdnaXCHSHB-nd8fZ-KMYepKxIIwtaCNWr2vdSyYz1uuI3KMx1s2Dcis6mjjVxDIVK98g074y0N86XuGY0klW0fxbYbyjtj7pxUwmpCcS7UWTEmGfM2c2mpV5_X-JD1Byd1guLy6OP2JFqEcsIwZV0gCieMgHBtLbpSKvf6rmUCcpp9zLcYONU4MmE5pssEVpVzPpuUZEINOSOm0_1SF0B7mojmrxc5mLVokNiuad1Hry0ACmEsBomfEvJqjD_317DPelhICFVKp0hlPsEPkqPLgfyw7pnmSPq66koI7s0H7qX1p03YBwZbgcOdUBgDg_JQeH8d2-g4KaIuQkmslsx_EZre-Z1JEXsiiTo2JgebGT2YdFgBEibTWnF8V_OFRNQD0ulJLTExb8Zy701cq_yzI7Ub3M48nryx38IbCoM6UAsFJRX2nXI1xlthO421tthgZKWP77med1sFTTEdXUb92jxwwZY6_ghvKvpsJvY0OWgoJRdj9hcG4fSunbfu0pBpuNIV0pdHm40kNjcQtAS61B6IAMEK5qd52jVSnisPkZz0flQQx3uKBqk559PruZD1M4wqE7zBXBvarjS-81u6K-U-rdbeSoNpAjVtZFbSyLBYe2UGMv9vsEBfhVT0Mu-Vo2s1dpthYV4A26u4AhS4WhTBsMXVf8Ei3vcJtYY4EfVZzw0NR8mEG-qkLs3rZnnIkh5US1BbAt8OEVbafOUm8daGvtvrMJC6azTTY-l7RDGxtyAiiBgTo3IY5AVUUcarGO7vI_zubg7xvkPn8B8BVhLy0O7TyAbCo-CbtD9LBj5Gxor1DtBgiBCuULaPDZysJ77mbpVsPjC0IhmY4ChgybTcPhTGhW7ZUI6Q75WGlhjM8p54ADvNBUUrx3tzd2iTXraIrM_UTx_5mTc75HQ8h4UT29W2jKX2cpiv2GTlV1xEB2menLGTrUaHcfJC93MzgTvWbxwXSh8OZMpecixw9IAwwGkyDTVHAbPsBzss06cBt8w6al31sSrrgy0agHlNo-ibryjLX4HoUh4RL2F2FvRVSDx-GiP13CCmfYhad_bIIftBHQNd9RsaUHbH-1Xjk1q4hB1b6hWkD5cDSjHBJm2m-gfwWVaU5Va1HsOIzHik-yUmToQhg-siG9VXuNoBO0ycVlrEZEiTdySzH7mMCKYJnZmw49S07EudNgxmY-yGS5Dm_3n8ZspSiVnPHHALj2RFYNhOGoOfDN1TvKwqI4di-4peNu1-TjYkJxnSEmiWyvKe9UNTZJymhYfpPk_ZTc4nu2kQWzrd297c-4T0qTBs3rJKxcb5hItIc93137sISI7F2r5b-5uMGG9OvFtQGuG4Hz2RTNwMQeDCq0Xscv7y9MoVOKJGjIzx2vjsvWTK1QP_MQnizUmxZ709eUOKdkM5Tn67-tVPV13N-VS99KWBEJG9KvH65lUo56JgV-XH8ZoB3Bwv2ylWr5lsFBKhC1lzMOJnLHPj56gIhd7AjiTFx139lggT-MWRaiGAx_40RJX8k-MIery77yUUJTzKkFYPmbfrXNotGr_9RUovfsEA8QUO6u_fc38k1gMv1Oy6mdJl4faI44qoRg50hXyXfkAl08bHwIRUxYVl8_9exxmftyCpH4M8map-XMDvAIzl_pHBWf6XIyYsxd5LJrp0RtwIOO2m3e0NMeyOiUX_wMU85a6B1PS0vWZ737ls3iF_po7ZYLYTGfnsK7Ub1xZYWCud7u8puMm6C1lV9WKN7Xne_pF152P73XKys_dINPv7Sn3eDkTAyEZPGScgtiAF_YJjEjCM1P43LQ6wbtn_fBgKLDabtc2Shp7gQ0c-TIFhdewwxOmjr9z6K6nthAElCA1wEixXinVddW2UHgw3kQ1-F4g5wVZ4UjeHbRckYbQV5Fzilr0fUQpfLtOFMhrmoNreQ9jBi6ZCNnZiZYpiLeuYlNcTbI1-W2a_rb4XLg1VRTAfmRf-CwuYn7igpJXmevESzt7afYZaKdEptBZ0n4-RohC_HCQZvH2NGSD9mqiflWBI6DEIilr1P8Z3mWxpuXvKv8FvZDW1UTViRkkCDrcKJgDd9NmDJPfmnFNRE9Eu_SPJrMlijmPdcjCw9HdGNvv6JWsdIQXXfdqFv34KhrhXHfpsNh3HDierChwfptdWrdX1HjkX982QZ8gQ&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=770689035717638400&adk=2265872549&idt=149&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3cff88e2e98502c824c2a9c1a279c9defc77955579420dfcef03605e7668398e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35835
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5062564430351&version=m202209210101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5062564430351&version=m202209210101&ct=76&x=1&cor=4822338309419823000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E9F4 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR7Ln7L3YtFXFw29piMNjk_CfdYqOBQSucf7Wu0slOUIM6mlDTy9thdbXT1PChqniDtJmNXEloWFsAx6CbFVejYa2OQL-jc-edjqk0XZd-S8JXY9lHJbUCiePhQDicb5VYgZjF4FMMFRJ5pnl3HrVFj8AsMnK6P3vUPJPuuUBUJMC14Ck&dbm_d=AKAmf-D7tpzpfy9aY0y-LEjRV3EoTS984lRE5zrJTDMvKMa6TRubPHiS6Jm4uGqK4sMSblDZUFeCdc7nizpEZOZYwfvWenJ9MRyJgKhhIsrPl44QD4lEXs8QAmCJBykW6z7Y7DZ0Xn-bG6vJ7v0xTOiPOTtDtwwHzedBo1Vq9I9Qk9yj7vMe2exIVqLl_SVtnn_Mj1sFmJVljVGXpY1RXc1xCpUQdn28rfeQyOP1UhVpTyJMUuT9agYDcaLRMkZlIIZsKKi4K2VrW5c-1ik7lgw9qvgH_9e5sIyLZuibY-SVxL7lwOzSlyIyBAYBQzxk0dPXHKDu6kiB6_nhkeJfMr9u5Ov7kqTqdGUT-yLi40EGTGLjWS-jcwQAThvNpH8OQWKLa-LW96ODSgapEhE6J4MhntJ7DlXnwpJFaa-h5cObmGxv-QdmrGok7ZR8R8AF3T4P5DUzH4tWL5vCYZg_Ew9fFl_sAszpkWZiHvFR9SB8XbpqhblRbi-Q_kSjJl-hN4MglfSjz2Vcd5tqK_iqk--xJw-rrhNZPapWSAIk9RLcSN8x121QD8SK3nDDRMHbOnfz5zjfrCPheWiw3nQb0J6vKgv6XmgYl8PGiz_PX1srHgVrIcZH6xqfYrGHN4OgroAk9VYeXcZQ7WfOPOtoMrxO6pmaiZ3q4YAtFZp6FvOvZAEbU_KXsVSE3P0LFJLFxrR08C3X_HN41MXnlObzhh_KCuiKgSI698q9aJNW3iktT-ORLmHYJeTFKMGdLOffxf3PhOg2koTSmsah8CfUFWg3mtdhWi0b-YhFGWXENchlqTOB8-lo3f_ia3XpOZNeBf28Q23perS8LAbTZZ4F72P9qkoudijlRjh2hpv7ytzC7cojM6mlIIYXNPqgHuhTwpPumVRKbxnLXP80s8WkkEsWqxagk-macQvq5JCfhiFK6Uk0zVS2mb1VW14Lx63KZU5D4IR0y2mc-wLGTkbRjhdE2QZ6R63VZt4B-XXuuvEOs0fpuUZVoRFnItcVDUNxofJg7rpKGSYy99kB24Z6mrth1qIRw-BwW-KbXwKVjGqNSKMFYYPe8N4Ix4Hy5w9mRwoKkN7vFSpRk15TSPDNhUaAQZq3G52JGfyETBFK9Mnq6s4bJVDujnKCbPjN3NjnZPH9vIjKZVsbnqwbQOtH2VOsZPnP-IlDy-yerVVQOXDAcod_DxUEKIDMzVZ9bx_D_VDJbSUj1JBwL1xu4zjTvAw8CFmmw3p949vfGLoqvVCXJXlpoykuU86EwW0gUIePSF8VDMmvXg6JUMombjpM82PjSKNh6ZnOiJv6UXA51mAAe0coPPw5uMqkMTOabYoT3kbx03_SJv51eacsxyISWR0baze4Ikjox_LXDfh4hux1QdrBLAV70F2nro0CAoM_jeqKlOa-CLrB0wU_8u88scxc7xLZyjTejf4z5vfSeLtiG0KtgVBKfoAWRVCx_yb2_WRvlEtZrBi_bPh9-cd7PxTDl2AANGT30bV_vnGvVkXtAgibDDtjZqdE_mUCJfi2SFvpYBVqqSeIzD4ROqaXTbaDcxzB9BS0S46XGx7Nu3974U0irjz4K_KolPGdsR3NO_qVkOTOi7jFNxKOj-7e3inUXoSjyO6-wwgOX3Si8CQ1NOfc7VavFF8cydIdEmcGxhrUVKeY9LEUrnETTnMd5keFFcOZ01VcoOQhIwqrFOiKD60vNBngUmXAUOIrUTIyxtxBJJ2yuZfH9-rdwEOv1dTzNvSxmE-uY6NXCKoeszWI9YDhKBcy_PL8KQCQth7eYAgGbd7arjn2YHYg4I41Vfr0AGVGHUGPa_OmRRC7eTpJjpn8ax_BjrIBM08S6jKsxx5gSBrtBiQnzyKIyCJnC_rjG_lzTOaXpV_REOR_ELqHSFIDiuyKApeiKxD6mtMTSBgdHACSIE9OlZLfaTacn9F9XlMPWLYjRz8xR6nPPj-nMj-xcBAQ_gKGNCwceZ7ypVzifjxWCme9u7Rg4PN_apxnA4FBdyKTYPIp2vtn89R8tSrNQ0zLb-Gn_0owWx-XfiwDLAYdobkmCYnLKG1Yy3R2oHMItvc5oxz7jEIHX0WNYq5Uoo0zNv8V25C3K9nqYBkS7Sl3au0uGTjjg2coDdnN7CR-pLG03ykN66Q-ktfL6esjykb31iqnqzof0UWvwHUZ1rtK1z51rcSkDmFLP2PFgzxYufEC1LKNMBPBIorI029hSXB8ER8k3jK5-2RTvGUq2q4s7wa2HiY4MsPN-mqOQ--qDJMB4IjngPlnOO0Tli9P5MpmjccL5gKTBTFnlXatyG9PSmqArng0JaLEklmHfSrPMcoVfl8J-RsDsbc4_iIYsgvB4TR2xGC6EnRAGFXGnH4uq4-cSjSGOe_s4lQfBxEmm8gIp8U0Ko9OmYK7A3y5eW7dSqYjAq_r7QCHopxfrVx8Ad2drKjTNYM9NJ0_1CTMmULApCZ7mONePDGwreFOcE1sEeG4lLChOWV7ckJpzncYy4sUpkx41OBcwArlSHZKXoyAAPHWRRX64pubSscWEHQ2qU5hp8_YVve7oQFNgucbAquWEEGgxufRQ4FqkYGxycFkqD9rVZGTSbm7wHrLQWuwYfvtaam7u0wHYrl4IZCnUG-s1A_DcLTJWqV_XwrSwwd6DJfLakc0nb4Lw9ZLxu9ottzbgg1ta5Om5bT1GJ2kBjRmONOg_ps0g-5uTtv9c_waBWxyCkbKlBwya1KjxtDofekLf9P3OIXPtgvFz5A5nTWqr1TftWsTLZxqXNWEjJIf1fdekNr9RFhzU7-9ieRuqtDdyMA-tdI9X4e-OdFzmh8ubgsh3-1uPhVsxNw55Iy2sM9bgos3sDMBSSGqNrmfadCZ_scrr7b7XBjzL_yDe5oRjGqgn-osVeEiCaedbxMaCHDF3dkFvtt670yURDV-PGeAxRIVVjIa9IUbzIY8OWhBb1xIU8IOBD6cvwWdMUPxZVgNRym2kYsHIahq4Zz4WfnUyw2phHNpIwLQO4f6HhXMPS1G2K2KCml7ZOIY0Q61vOuoPIsKxJo5tpg2jsReMDaU3NtC7lOD3Us328tjDCe4ZCRaW6VpYR6NC2QakESAAh3lfoWtGYilElpahbzEHTqccMD0NatGEhgWWZkmf0tTA7rlomC2l93djiy4udFOEitLmFdscxrtGipTrhS0Po287IqBlxH38yDx8XkbAOWsZLgB_Ek0TmfFAc7_oEDD0pADXqXPX9Vit-S5E20nuxyvvoeYix4YeruY8J8l4fMtzv-Ck7MN_s5uwfmwqMtZiodj2swTzWJPeuWfoCwpCkdNZe-EK2zJq7lhztMwZHe81p7ONbg8rEaEpTMAo4yvRHF5nhlFWlzWdXxoFOmn3Dp90LLEt8lYl0i2wL09PICxm77GV9j94mKMGLNXnh9oxWio-Q3uqwLQuo2r_ZHkhDe8p1G_6FRQHpMvsi746_4PHMd5NygPT5J58qjFNaSO31uan77foJnr5rpOLeW87n3L2iW_VReH6zzFK8u_nTmYQqzw3Qx5V4X681V0KffhmOyNUR9tVxZoCrmZsMts85QN6c_1f9SaTD7bZUtD6z87uCy27f07AyfWdEDoJYGO7i6GM5mOCFGZG3zQfAFKATI&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=4822338309419823000&adk=496764934&idt=153&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8fc54afa6386ead68e77c0d4cad4413872676b51d4cd1f4a9f54988322ef9992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39206
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 60B4 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:33:43 GMT
x-content-type-options
nosniff
age
234724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 Jan 2024 21:33:43 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 60B4 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 16:41:57 GMT
x-content-type-options
nosniff
age
338630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 Jan 2024 16:41:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A599 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAAAAR0AwBAoNEAMhAAAAmpkBfEAwBAoNEAohAAAAAGZm_j8wBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDMwMHgxMDUwMAQKDhAZKggzMDB4MTA1MDAECg0QDiEAAAAAgJm5PzAECg0QBCEAAAAAADB8QDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAABJQDAECg0QBSEAAAA0MzN8QDAECg0QECEAAAAAABKnQDAECg0QESEAAAAAgJjQQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAAAKyBQDAEEhpDT3ltMGFuRTdfd0NGVDdLdXdnZGJJMEhUdyIdZ3BhL21heGltYWxfdjFfb2NoX2hvdGZpeGFibGUoDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8F9D 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Jan 2023 09:35:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame 8F9D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOaVkSlaP34N4WdaqaD-TIzHdg9JmzLZ8u_sKZw-ufF2OZUlEAZEQ6YQuSYKMUFEEgTLeBmhWOznfMyObkr-CNjiFYw2nfmQGqeSW_qAuVYwWMicA3R4fVPRwkborp9DLXiS3ch6_2kG3_sbMVHy1aMKOEyURi55CWYm2cqgyf9IFFLC4&dbm_d=AKAmf-BFwNfyZeJG0097pMyN0okJK1XdKY-4BTEPgJEBS7CzBInXZnKbNKscUhf8hqNjMIBi1LYONhUt49FAFwSL86-_TF3MpHxeX02IkJ4RGry4sE0wf9DYYskwD96AWqjO7yQC15465KarM2LiTMd79NwO0fjpL9NiAsKvqyuYXa9Vc1UKBgUJVcnNwZoWhhrui60461N7gXMDJwYti9asbbpcGd3cubOLrlH26XqJlRnIdJ5zFDsDUbvSp0w8FmBEPbBwTiMKuBJsxnnNQIcOhv5GcTd_6V8SeaAluNaUGUjYl4G8mDrowUrzE7Bw72_Hzm6qImZaPgXleYXxLbXiqDHN4ehuBRQuLfjM1XNUKOhJrf0CPDKiQh2_D_QAiYDk_Noa7qkm2Pp2bNuYq0xtkRsNcqHkAUF-ImZaWKn9lQhWH_vxI0w0bEkQjg1YBsot5gPXlTUhZXfjbfXo7-vTIHHcFLfEf1IrtW2DNVZ4CcAQhWeXfZsch26Oi_wSNx7k4_uZwLuKTkn8lxOOzJIbg6SCSEbgM7ttaonDSvkZorxq962A3hpKdmCaZCy1GuVXW07G9DbXPFM-PWhTYMKn5CAVzFkrcmfS5iiLEHwIX6U7QuiBKuzynHbxeQCbcGp5pzPES8JRi1sDT9FTtKKCV6lTOo_OaXYCH6UX3e_aHGJ1BFnuyQM8WZSk1a95CpCg1As1VdLHbEIrGzL2L_HjvlPvqd1SY8LbRLYWhI9AU1VTM6wCpjQVqqmcGsiuOo94td_BSdULdaAwJnyf7jBsTX3X72agptrtltKppgX7pUPOG0oqBBTzPuw0852wJOS1fDdu3zxCHd7hhIJtAVr8o7IeJ2kZT4NcTmXuoPGFJVYwJjRIQmXfSx-gKu_EIhh3-ZJGt5Jif8gbKXbXokJ2NPkacyFGor3vMxOvtEt_Vt233ardeSRqs5xXSnQQBxPt3Oe4FvBJtYKzPyRoWOI3buPjFGytp8304rCYhKNXSv2LQ7D3PM-3o1xqCjFdC_395mWW3RKRkgjZTvAhjnYcyDP-pibp1mOx4w5aQva4oSMsXGFfs3p9NTqimpm25I5si2Sx5Kp9nIAcewWGMA9hhTw8jmpLaDycJ26-O8ef9rQ5IHSevAcCAYbd8ihuR0zPLtTF4zqwsGpEAMVaf8snP4adG10NFCkFwVtgiMXTizMngTe8oYzZY61v_-YiNH3CAVSM6Z31amWyP3YddmiFHqFfofIPnrtZyTSqtRJI0fSgOslA8EnMw2kxciN9krtAG-ENJaEimTIOkYWb3eaQfRXneOmI3f0Dn-nA5b3OSJXY2gl_GpUPaZz4FS3jVcejHrkjAnUI5L5JnxrC86rajRTuhbI7WMw1kwhjvQCm2ngouYHQLT4laDhqOuKxN6EU36fxgbyiVkwHBNSlq1jpx8WLz4REXEtQDPtzSFwsWAPjndfgaOKoG1OYUAyTpzX41aY00ws9SGGCNRS2dYfhtP1RedCAvmqwGL5_3J7dD9lYndYu6MBalSmnAVRLVfwnHlHHc4Wy7_1_HVQipSRzehSQ5qbnglJhlnnCxIORNmEDyoAapqLIjPbFWYRGUFTEm8e62V26Km7wnZiL57KooYrNIFeJMFMXW3xjNajQDt0Sm0iM_OVHyHHYnQlyqbBd1N_rLzsIzRaSxygmPD6ujQTrtktYFn4JFE-ElXkpe_rtGAfejkaBq-9vCWErLo4S4Zrot4-oH53IFiAycyavwh0lEwh4C4Y_6QCfaHnHaG-Ne71RMwktREVrOgW6EbzKuWvRVIYVXY6FVqSP6RwtipDRDsnuqwrH1vi1E9NnWgVrRMdHzPLUAegVvT-jsd9P4BHYXh13FkLbSsPfuXGy6bWwc0CWe_YLaLyALPdq85oUlzQlWiFp_W3_UkbZ4rhLioHgkJ78LoaX7QVKGVEHON8w25SHJcpwyxVkpDrrwIQzwGS5KmpIGbucy96x-gINaZZdfWJMuUM0oJLqIGRvx1sVOwQJbnjAjXajl-J5qqt6CZ0MHgrTfkijWsEEi70PncjmKOzHf6lJ5brjhLEZJnEATFeCHuTpjYSyUC5Sgq1Q_nK_0ZhOSIeT18mDhg4TNmIaFISe_eYYfRI4ypSjaVyXwDBLOrVEXcYUOmt_obayGj8YgtOygKy1_JmKgZhKAYiiASO6TB0OhWngrp_6qrC70vF17mACb4fl3B0L_UdxKPsZv3szYFZh7CpaLF-zmLP2AU-cINSL2zhLs33c5TiBu9BEAUEG7m3p5pqoAcvpSurldftD9iAFfsgLrgv1GlIzDjZykVIxoaV3QMQFuUPB-UjNMMq645WfJM-cCTq6APx8lFO_3p9awwT0ZsNZ1Jy7Gic7F-RSGJwTmq9L3ew4n3-9GVvGOL8_HFeY-aQBFdTvYFsJ7p6v6aauhJFzb-MyUwesOI7sYYMXiaNz6m9a6LME3s4eauOzNFT8UltIIymq1lGFltgaZqYuYD-lBllFMeWhyqrAauUhLjPmHg89TsmucsqpYjbjdyAzbPgjjT9ZOAYO0IdDN0kvV8piEB8UY9PtAj3h2-HgwVX-Y6jzv6rH2gPdgzbHmfTBWVDE3A-NPSP6wJDa60phfgxl8960XaSjXRR5hwpec6U6WpRkjJ-Ee8YoHRPKPrpk0X6jMSYv79x7mPuMw_0s-J8i-CadOp0Fb3m72OU3UiFTHrnaM5YnSpU98UI3o953QK8lt1PatwhK7XqneHhHVPje9wA0Df-9yGhAEG00c758W8qPDLAOeHNGbl5uqNGJ0vrzsJ5VAzfoblUjhmAQO5CanTi0wxV1-IOERK545XO1ngNdqkRiRxI03Qw44FtH7f8Kq95emzym2BeRqsv1MYX0te3mjr366GKSpsIpe8A3vUB_HRCk07WypC5IyJXarbvha7Xi5ZypjJzw5HefEh5PABoZeQuAy81dzkXqmQaT2QI3ZW7iWDhEm6UQs8U3SZygVL6PZnPXh15S4YvAEtnSegvP6UdkMF_jiuG3aFfBLe-RVBsIl3dCcshIu9dsGOI_-Vf_iZpy3CTs5TfCkLFmuS8IHo_AOBPhLoLIfUNp2goPnXzE9hJ5kA3ROcCe7VHFskmQNYfMbmebkYSvpNjkQeL5KgfT03qemb4_srRzMlhU9tz7njHhCYR8A-f6tGoHCIf_TC6xMhwHiKCE1IfPv6azPVmnj3qHl_TkL0sQCMGOk1ks9nPjjt3WNp2AByhkeJAtekXd2563a0ohjolnNp_ZvxIgikFmtPSDUP7WMsbBP1Jpg4Dn_ni_TD9sq8Po4UFUdy61oGMZOyfnZRTv-A9NXspIRm8XmAE-EDpuOXJ3nWb3DVQo4GlimDPsFjghfyfBgUixthUK345bScyQqZWNRfXqFg9LijCYaLC7eJXnxCNhpporzhEebvqBjwLQ3PKNjXy8sbGH85901Vi2oSWDcg3amm26BrQu18_MksWzjSDN6Q&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=11858779131684209000&adk=3037181500&idt=73&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
15481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:27:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 8F9D 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOaVkSlaP34N4WdaqaD-TIzHdg9JmzLZ8u_sKZw-ufF2OZUlEAZEQ6YQuSYKMUFEEgTLeBmhWOznfMyObkr-CNjiFYw2nfmQGqeSW_qAuVYwWMicA3R4fVPRwkborp9DLXiS3ch6_2kG3_sbMVHy1aMKOEyURi55CWYm2cqgyf9IFFLC4&dbm_d=AKAmf-BFwNfyZeJG0097pMyN0okJK1XdKY-4BTEPgJEBS7CzBInXZnKbNKscUhf8hqNjMIBi1LYONhUt49FAFwSL86-_TF3MpHxeX02IkJ4RGry4sE0wf9DYYskwD96AWqjO7yQC15465KarM2LiTMd79NwO0fjpL9NiAsKvqyuYXa9Vc1UKBgUJVcnNwZoWhhrui60461N7gXMDJwYti9asbbpcGd3cubOLrlH26XqJlRnIdJ5zFDsDUbvSp0w8FmBEPbBwTiMKuBJsxnnNQIcOhv5GcTd_6V8SeaAluNaUGUjYl4G8mDrowUrzE7Bw72_Hzm6qImZaPgXleYXxLbXiqDHN4ehuBRQuLfjM1XNUKOhJrf0CPDKiQh2_D_QAiYDk_Noa7qkm2Pp2bNuYq0xtkRsNcqHkAUF-ImZaWKn9lQhWH_vxI0w0bEkQjg1YBsot5gPXlTUhZXfjbfXo7-vTIHHcFLfEf1IrtW2DNVZ4CcAQhWeXfZsch26Oi_wSNx7k4_uZwLuKTkn8lxOOzJIbg6SCSEbgM7ttaonDSvkZorxq962A3hpKdmCaZCy1GuVXW07G9DbXPFM-PWhTYMKn5CAVzFkrcmfS5iiLEHwIX6U7QuiBKuzynHbxeQCbcGp5pzPES8JRi1sDT9FTtKKCV6lTOo_OaXYCH6UX3e_aHGJ1BFnuyQM8WZSk1a95CpCg1As1VdLHbEIrGzL2L_HjvlPvqd1SY8LbRLYWhI9AU1VTM6wCpjQVqqmcGsiuOo94td_BSdULdaAwJnyf7jBsTX3X72agptrtltKppgX7pUPOG0oqBBTzPuw0852wJOS1fDdu3zxCHd7hhIJtAVr8o7IeJ2kZT4NcTmXuoPGFJVYwJjRIQmXfSx-gKu_EIhh3-ZJGt5Jif8gbKXbXokJ2NPkacyFGor3vMxOvtEt_Vt233ardeSRqs5xXSnQQBxPt3Oe4FvBJtYKzPyRoWOI3buPjFGytp8304rCYhKNXSv2LQ7D3PM-3o1xqCjFdC_395mWW3RKRkgjZTvAhjnYcyDP-pibp1mOx4w5aQva4oSMsXGFfs3p9NTqimpm25I5si2Sx5Kp9nIAcewWGMA9hhTw8jmpLaDycJ26-O8ef9rQ5IHSevAcCAYbd8ihuR0zPLtTF4zqwsGpEAMVaf8snP4adG10NFCkFwVtgiMXTizMngTe8oYzZY61v_-YiNH3CAVSM6Z31amWyP3YddmiFHqFfofIPnrtZyTSqtRJI0fSgOslA8EnMw2kxciN9krtAG-ENJaEimTIOkYWb3eaQfRXneOmI3f0Dn-nA5b3OSJXY2gl_GpUPaZz4FS3jVcejHrkjAnUI5L5JnxrC86rajRTuhbI7WMw1kwhjvQCm2ngouYHQLT4laDhqOuKxN6EU36fxgbyiVkwHBNSlq1jpx8WLz4REXEtQDPtzSFwsWAPjndfgaOKoG1OYUAyTpzX41aY00ws9SGGCNRS2dYfhtP1RedCAvmqwGL5_3J7dD9lYndYu6MBalSmnAVRLVfwnHlHHc4Wy7_1_HVQipSRzehSQ5qbnglJhlnnCxIORNmEDyoAapqLIjPbFWYRGUFTEm8e62V26Km7wnZiL57KooYrNIFeJMFMXW3xjNajQDt0Sm0iM_OVHyHHYnQlyqbBd1N_rLzsIzRaSxygmPD6ujQTrtktYFn4JFE-ElXkpe_rtGAfejkaBq-9vCWErLo4S4Zrot4-oH53IFiAycyavwh0lEwh4C4Y_6QCfaHnHaG-Ne71RMwktREVrOgW6EbzKuWvRVIYVXY6FVqSP6RwtipDRDsnuqwrH1vi1E9NnWgVrRMdHzPLUAegVvT-jsd9P4BHYXh13FkLbSsPfuXGy6bWwc0CWe_YLaLyALPdq85oUlzQlWiFp_W3_UkbZ4rhLioHgkJ78LoaX7QVKGVEHON8w25SHJcpwyxVkpDrrwIQzwGS5KmpIGbucy96x-gINaZZdfWJMuUM0oJLqIGRvx1sVOwQJbnjAjXajl-J5qqt6CZ0MHgrTfkijWsEEi70PncjmKOzHf6lJ5brjhLEZJnEATFeCHuTpjYSyUC5Sgq1Q_nK_0ZhOSIeT18mDhg4TNmIaFISe_eYYfRI4ypSjaVyXwDBLOrVEXcYUOmt_obayGj8YgtOygKy1_JmKgZhKAYiiASO6TB0OhWngrp_6qrC70vF17mACb4fl3B0L_UdxKPsZv3szYFZh7CpaLF-zmLP2AU-cINSL2zhLs33c5TiBu9BEAUEG7m3p5pqoAcvpSurldftD9iAFfsgLrgv1GlIzDjZykVIxoaV3QMQFuUPB-UjNMMq645WfJM-cCTq6APx8lFO_3p9awwT0ZsNZ1Jy7Gic7F-RSGJwTmq9L3ew4n3-9GVvGOL8_HFeY-aQBFdTvYFsJ7p6v6aauhJFzb-MyUwesOI7sYYMXiaNz6m9a6LME3s4eauOzNFT8UltIIymq1lGFltgaZqYuYD-lBllFMeWhyqrAauUhLjPmHg89TsmucsqpYjbjdyAzbPgjjT9ZOAYO0IdDN0kvV8piEB8UY9PtAj3h2-HgwVX-Y6jzv6rH2gPdgzbHmfTBWVDE3A-NPSP6wJDa60phfgxl8960XaSjXRR5hwpec6U6WpRkjJ-Ee8YoHRPKPrpk0X6jMSYv79x7mPuMw_0s-J8i-CadOp0Fb3m72OU3UiFTHrnaM5YnSpU98UI3o953QK8lt1PatwhK7XqneHhHVPje9wA0Df-9yGhAEG00c758W8qPDLAOeHNGbl5uqNGJ0vrzsJ5VAzfoblUjhmAQO5CanTi0wxV1-IOERK545XO1ngNdqkRiRxI03Qw44FtH7f8Kq95emzym2BeRqsv1MYX0te3mjr366GKSpsIpe8A3vUB_HRCk07WypC5IyJXarbvha7Xi5ZypjJzw5HefEh5PABoZeQuAy81dzkXqmQaT2QI3ZW7iWDhEm6UQs8U3SZygVL6PZnPXh15S4YvAEtnSegvP6UdkMF_jiuG3aFfBLe-RVBsIl3dCcshIu9dsGOI_-Vf_iZpy3CTs5TfCkLFmuS8IHo_AOBPhLoLIfUNp2goPnXzE9hJ5kA3ROcCe7VHFskmQNYfMbmebkYSvpNjkQeL5KgfT03qemb4_srRzMlhU9tz7njHhCYR8A-f6tGoHCIf_TC6xMhwHiKCE1IfPv6azPVmnj3qHl_TkL0sQCMGOk1ks9nPjjt3WNp2AByhkeJAtekXd2563a0ohjolnNp_ZvxIgikFmtPSDUP7WMsbBP1Jpg4Dn_ni_TD9sq8Po4UFUdy61oGMZOyfnZRTv-A9NXspIRm8XmAE-EDpuOXJ3nWb3DVQo4GlimDPsFjghfyfBgUixthUK345bScyQqZWNRfXqFg9LijCYaLC7eJXnxCNhpporzhEebvqBjwLQ3PKNjXy8sbGH85901Vi2oSWDcg3amm26BrQu18_MksWzjSDN6Q&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=11858779131684209000&adk=3037181500&idt=73&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 18:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
74394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10810
x-xss-protection
0
server
cafe
etag
8766511519597269738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 18:05:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNECshAAAAAACAVEAwBAoNEAMhAAAAaGbufUAwBAoNEAohAAAAAM7M_D8wBAoNEA0hAAAAAAAAAAAwBAoOEB4qCDMwMHgxMDUwMAQKDhAZKggzMDB4MTA1MDAECg0QDiEAAAAAgJm5PzAECg0QBCEAAAAAABB-QDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAEBVQDAECg0QBSEAAAA0MxN-QDAECg0QECEAAAAAABKnQDAECg0QESEAAAAAgJjQQDAECg0QEiEAAAAAAAAUQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAAAAANCBQDAEEhpDTzJtMGFuRTdfd0NGVDdLdXdnZGJJMEhUdyIdZ3BhL21heGltYWxfdjFfb2NoX2hvdGZpeGFibGUoDA==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60B4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDGxhcmdlLWJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAIBhQDAECg0QAyEAAABmZn6BQDAECg0QCiEAAAAAkJnJPzAECg0QDSEAAAAAAAAAADAECg0QHioHOTcweDM1MDAECg0QGSoHOTcweDM1MDAECg0QDiEAAAAAAAAAADAECg0QBCEAAABmZoKBQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAMBhQDAECg0QBSEAAAAzM4OBQDAECg0QECEAAAAAABKnQDAECg0QESEAAAAAAJzRQDAECg0QEiEAAAAAAAAYQDAECg0QEyEAAAAAAAAIQDAECg0QFyEAAABmZn6EQDAEEhpDT3VtMGFuRTdfd0NGVDdLdXdnZGJJMEhUdyIJZ3BhL21vbnRlKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 4548 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDcG-di5gn8m9Clbgw3Ml1I&google_cver=1&google_push=Aa02lx-GoBj94Mp2YcGWJT4sINCQwgaNUmcubmjBnnkAj2ZOF3Nx8pFzjSJ_Ex0U7OxAXUMZo3MFoQnwdHebV8jEj4b_zjFrcoU
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFErzBKa0hqiIjitq19bt9k&google_cver=1&google_push=Aa02lx_4OzJkF7zJGRFLvAEWkk_ReC5trU8hjOPTAgz_t2JYnfqEHiJLBZQ6nR1nhvE2WVzRKrks_a9Ms9Dx2BN2...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0XojgE6-SRmzBEnyKxiZmQ2&google_push=Aa02lx_4OzJkF7zJGRFLvAEWkk_ReC5trU8hjOPTAgz_t2JYnfqEHiJLBZQ6nR1nhvE2WVzRKrks_a9Ms9Dx2BN2Zwu_x_OzeuRo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0XojgE6-SRmzBEnyKxiZmQ2&google_push=Aa02lx_4OzJkF7zJGRFLvAEWkk_ReC5trU8hjOPTAgz_t2JYnfqEHiJLBZQ6nR1nhvE2WVzRKrks_a9Ms9Dx2BN2Zwu_x_OzeuRo
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 30 Jan 2023 14:45:47 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0XojgE6-SRmzBEnyKxiZmQ2&google_push=Aa02lx_4OzJkF7zJGRFLvAEWkk_ReC5trU8hjOPTAgz_t2JYnfqEHiJLBZQ6nR1nhvE2WVzRKrks_a9Ms9Dx2BN2Zwu_x_OzeuRo
x-host
tde-deliveryengine-production-fb497649f-dfbbt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wqOymprHR4q7xmxDiW3ccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wqOymprHR4q7xmxDiW3ccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_VmSw7tzpBzIacihTjBSBbI7jKqOOMWOt4iTd440CqT9KtIo7TkzLAbK5d1h9Tlx7--DDodhlOVbpcubeKwpjlkxzEEVA
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=wqOymprHR4q7xmxDiW3ccw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_VmSw7tzpBzIacihTjBSBbI7jKqOOMWOt4iTd440CqT9KtIo7TkzLAbK5d1h9Tlx7--DDodhlOVbpcubeKwpjlkxzEEVA
date
Mon, 30 Jan 2023 14:45:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgJSsx2mUbeNM1H0UNF5y8&google_cver=1&google_push=Aa02lx9ki0vOLa_YmVTvTkuKf4yCZ4HY1zMnp0atY88wX8xTwa28BGXFSUgq8pPTRwbbLIvrz2A...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx9ki0vOLa_YmVTvTkuKf4yCZ4HY1zMnp0atY88wX8xTwa28BGXFSUgq8pPTRwbbLIvrz2AzkyPLsJfhQohJlUsN_QlUCtfK
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx9ki0vOLa_YmVTvTkuKf4yCZ4HY1zMnp0atY88wX8xTwa28BGXFSUgq8pPTRwbbLIvrz2AzkyPLsJfhQohJlUsN_QlUCtfK
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx9ki0vOLa_YmVTvTkuKf4yCZ4HY1zMnp0atY88wX8xTwa28BGXFSUgq8pPTRwbbLIvrz2AzkyPLsJfhQohJlUsN_QlUCtfK
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-1Q80eUN78vCYcXlC-2ah3bZ671yR1t...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-1Q80eUN78vCYcXlC-2ah3bZ671yR1tv2YqrccLUlA0Y6JYHyVr9gOjH7QOced0QLHqmBuPDiVtBaLUtSnciBThm2QX3_X
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JvPnh0KODa1lVG9WgD08szYIsQfBzdnRQN9IZvZnDSIQbMtOASAlkV1wW9%2BooJSFP%2FrbJUN2Dgd7ZOSLrBFh30RSYsg0cGrRC7KOv38%2F7frElRK06%2FzLjmznw8vRG0OdmpoLSgqusj2Yvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-1Q80eUN78vCYcXlC-2ah3bZ671yR1tv2YqrccLUlA0Y6JYHyVr9gOjH7QOced0QLHqmBuPDiVtBaLUtSnciBThm2QX3_X
cache-control
no-cache
cf-ray
791afe4dbae79b33-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdYms6fIw7...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdYm...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdYms6fIw7ZFmvhd
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx-ksP3AhTYgab9sJURR7Byk_x4NcEi9RyIIfsqOwi-Sl7-7-wcIhiGfd0iHx_TnMrJThMBj8MksjGyhJdYms6fIw7ZFmvhd
access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:48 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 4548
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-334c9d14-522e-465d-bcb1-937c671fc7b0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx8vLgXxsf48OlUAscK0P...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx8vLgXxsf48OlUAscK0PVISO64J3Xbx3FniE59to7bbiwf2yGPXGslwNFvpBTaiuQUhtE4PHCvV7ZwBiaAEJ1uOHr73EfmN&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
date
Mon, 30 Jan 2023 14:45:48 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX334c9d14522e465dbcb1937c671fc7b0003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 4548 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KudxvHFzIx3yolpUX2qp_VQy5IEgNGD24EsALWfKVas73wN4kj82pnMA8rc5gojQpw0pW1
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DE06
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1&google_push=Aa02lx9w_GCDU4bTR5Ek-dEfnm42nD7ks6oYQT1NDnMMZT0m33YQRyJrHdQDshg3YWEt8id2WFBB10fiFeRjUwVtTCRnivpjn7mKMg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE0NTY5OTM5OTI4MDcxNjU0OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame DE06 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA8ls45UiHuu8Cx-jrRZWOU&google_cver=1&google_push=Aa02lx-OHt91RxVu3aM1db__DfXveGrICcoEHbdwIjgDRjHm01Fgl6k67VBIlHXtZtCGPYHv7Ru_XiwigZaOE5v_6RBn68Xv-wXPBQ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame DE06 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELk6Xol7AOeBQQXeoeGmaOk&google_cver=1&google_push=Aa02lx-5UcVz_PVmm6isrdQ1zTy4TSMbZfx5f3kX8_8oxGnZeA8WAdDRK4cmNi-OWiKXBFmK2_5yRKUYJ5FpU5nFMuOyQ4aD2IwaEw
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame DE06
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDgiq7Ykvqz0hGHRgHeLLkU&google_cver=1&google_push=Aa02lx8JZ_RZhto3YAUsiT5dEc5i9pMY7jeravp8-JYZXzeh1-u4DMTvhVnSanuKgsFeKoxwFTFQGzUpr8e...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8JZ_RZhto3YAUsiT5dEc5i9pMY7jeravp8-JYZXzeh1-u4DMTvhVnSanuKgsFeKoxwFTFQGzUpr8ep4Rhl7JpNSjjcApytqQ&google_hm=25Mw5zC6RbyaLMC9zC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8JZ_RZhto3YAUsiT5dEc5i9pMY7jeravp8-JYZXzeh1-u4DMTvhVnSanuKgsFeKoxwFTFQGzUpr8ep4Rhl7JpNSjjcApytqQ&google_hm=25Mw5zC6RbyaLMC9zC6YSMo
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx8JZ_RZhto3YAUsiT5dEc5i9pMY7jeravp8-JYZXzeh1-u4DMTvhVnSanuKgsFeKoxwFTFQGzUpr8ep4Rhl7JpNSjjcApytqQ&google_hm=25Mw5zC6RbyaLMC9zC6YSMo
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DE06
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHt6er1rhLcuc4Fc4Od4WWo&google_cver=1&google_push=Aa02lx_KZYSJDBtqAd6erTMczqT4XYZzlQ0A_s-oZd-YE23vRZcTdCNt2yBfocGDi_yGkyHT_9a_YxRy5Y2aieD2XC6X...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEHt6er1rhLcuc4Fc4Od4WWo&google_cver=1&google_push=Aa02lx_KZYSJDBtqAd6erTMczqT4XYZzlQ0A_s-oZd-YE23vRZcTdCNt2yBfocGDi_yGkyHT_9a_YxRy5Y2aie...
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a9bec712-4ae9-4888-9cad-95fa19b954c8&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame DE06
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9ufAz5...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9ufA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9ufAz54haG99s6y36Dp_3RrY-BGg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx8NXYUmv2qyfJm6W6_6sx2S3QdvumHuaCeUt3GtrJK-kNpUebnu55BF8_8Z-eQGW7KuJe9ufAz54haG99s6y36Dp_3RrY-BGg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame DE06
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-GFz-Pcu4fO-DPGC1J0ZXi4cmbEehKdGAQN6ROwJRst5IpRfoW9VJqhMnfSNOXmKjmJ9Qil5kMavJIfZMXlkFlo83wloAQYQ
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx-GFz-Pcu4fO-DPGC1J0ZXi4cmbEehKdGAQN6ROwJRst5IpRfoW9VJqhMnfSNOXmKjmJ9Qil5kMavJIfZMXlkFlo83wloAQYQ
date
Mon, 30 Jan 2023 14:45:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame DE06 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ID3OivH9sgrSDG32JPU0_nz6RkWUhJfO7vbj4A7SnqHUibeZ3ZK8nUhFevRNnzW9J9TKkH
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dpixel
cms.quantserve.com/ Frame 28E1 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA8ls45UiHuu8Cx-jrRZWOU&google_cver=1&google_push=Aa02lx_SQXpGG2TOUGlyOau0HiQOhuykOC2AR0Q2JCKBgwvSlVAVv0WZkzV9S8WcP3991Ww2USiTGC6YGw_nNbnNCvnrEMllxngF
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 28E1 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDcG-di5gn8m9Clbgw3Ml1I&google_cver=1&google_push=Aa02lx-VFVz7YVSCe5-I7mm4JQ4iUSgf3zbipWDiGG9LIGt7V05asa2VKBNOoIuiNybEtem_Kv5H1QF22pNy-DSn1-1cRUUEnTo
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 28E1
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKpp2MgaJ57bH96VIuBmIbo&google_cver=1&google_push=Aa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKpp2MgaJ57bH96VIuBmIbo&google_cver=1&google_push=Aa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcI...
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKpp2MgaJ57bH96VIuBmIbo&google_cver=1&google_push=Aa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
791afe4f790a8fe8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
180
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKpp2MgaJ57bH96VIuBmIbo&google_cver=1&google_push=Aa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_GqAvQpPB8RUZQO5G0Tiny2dAFY2ruEKkXuEJoiLBk9w-v8u_X6utOb652X-RGrMZZkXrArmVmufBqCEVcDCx3LaVJvcIt%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
791afe4dce698fe8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFErzBKa0hqiIjitq19bt9k&google_cver=1&google_push=Aa02lx-iW5Val_GeuYSw1G0e3WcOd13y4M1zdAwy9FRgjvc9O7FPujcBC-k_BJNS3U2_KENSBX3qd-tut_QER91j...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx-iW5Val_GeuYSw1G0e3WcOd13y4M1zdAwy9FRgjvc9O7FPujcBC-k_BJNS3U2_KENSBX3qd-tut_QER91j9IpXSQhFdhxy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx-iW5Val_GeuYSw1G0e3WcOd13y4M1zdAwy9FRgjvc9O7FPujcBC-k_BJNS3U2_KENSBX3qd-tut_QER91j9IpXSQhFdhxy
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 30 Jan 2023 14:45:47 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx-iW5Val_GeuYSw1G0e3WcOd13y4M1zdAwy9FRgjvc9O7FPujcBC-k_BJNS3U2_KENSBX3qd-tut_QER91j9IpXSQhFdhxy
x-host
tde-deliveryengine-production-fb497649f-zqlbj
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-9FhPxVNwVkNQPBvGeuF723-hKqWyg5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-9FhPxVNwVkNQPBvGeuF723-hKqWyg5f0E9wyFzonaINWq283IDK62uQVtAb9UXIyiKp3voTQzUbyG6nkwKkDbOECIyJmB
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfFbppLN0kNuiCEM2fnOilE3ZMDN9e%2BMnZSrLgkclDzoloqFD9ZuL8sUTuvtJV6mLdUsY1hihOFAOFd5xeI%2FOA1HscCOSdhc5B2fcrfUF7cwbYtvZ%2F7CtHYlLEqejFhfPf50NVTOm30ubQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx-9FhPxVNwVkNQPBvGeuF723-hKqWyg5f0E9wyFzonaINWq283IDK62uQVtAb9UXIyiKp3voTQzUbyG6nkwKkDbOECIyJmB
cache-control
no-cache
cf-ray
791afe4dbaeb9b33-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 28E1
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf9Uyps73...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf9...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf9Uyps73LdjPkp
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx8jWFibI08YUjN3mgKjimivgihLTyjhwHh86qC-Hc_xvNd6KIapbvtGQKSqfV73XUs4D3Wl0RxoT05NXQf9Uyps73LdjPkp
access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:48 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame 28E1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx9hzSA_oMfQwiksvw1wAJTwVQfbKgHbUK7BRxrcg6TiHgOsd6bgMbiHEstVAN4nUr2Pn3VhI0HonAV...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9hzSA_oMfQwiksvw1wAJTwVQfbKgHbUK7BRxrcg6TiHgOsd6bgMbiHEstVAN4nUr2Pn3VhI0HonAVdBydvRrb4qGYJxepp
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 28E1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnQ6QsHzymjWi2Z3GshjKOQ2pArJVKBz8nm_6Twk_uvvSWSTaaWT-cMKddzDnX24LYd1E8Vg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAIAB1EAwBAoNEBUhAAAAAAAAMUAwBAoNEBYhAAAAAAAAKEAwBAoNEBghAAAAAABghUAwBBIaQ08ybTBhbkU3X3dDRlQ3S3V3Z2RiSTBIVHciHWdwYS9tYXhpbWFsX3YxX29jaF9ob3RmaXhhYmxlKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/886862/62195781/ Frame 10B6 		242 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/886862/62195781/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.7.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-7-182.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8614c1b461abad124090296029baa4cc22f144562766b0ef2d0cb5e14d29d4c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 10B6 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Jan 2023 09:35:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame 10B6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4OmwRXqlPlxM4tHmc07pGMy63VEiEeuatQU2JR4SM9Zzks-tyJGiqcXX-bLubMoXR50ajMwchr6V957TyKhtzHbGknCHSeaoBc1I0bx8HyELI0Lh44eROZgxfWNzmXalZpawX1jqUQiy_HnfRGbbM7D975pLSMnpWiLmgZS0gA7bDHg0&dbm_d=AKAmf-AK0bWTRFxPjTUTwf6REkFmcDlB7sva3rPlLdCE_6A-tG-4wyEj8aPvqw4IjGpYlzkkeQ_5jdznYeeXgRb_qxkqdi4nfV2jbnkdnTlOPnXRGZSf9A71iMetHkCu0-rScPWD4cKL_DWJy-IoejSAgFvVQaOEKJdTxjdPAihNLQt5cvoz-UHRSUe-mHiCk_mnVWuG2Xb9bmax0gx2SOlZJEu9WEaOJE9JoAAZOT-3Vy3HnpybL4xswgsCD37zZXlAhr41bf4OgZOa2XOp3mQU_Z8Utji0YukmY8KN1FpVRBFxfLCEoxTS56jwH6oODkYY2A_zgwJDZv2whd8e1qEyAqezH7QhToSRpcy7YYAxO_YHaF59yYA-WHbzhB_e_jHyj3zRIMYJmPFEpDiWcmZ6DFgWv0C7b_Zf0mQNNYd2EXQXMTEq-RSkHJxxztsLa2icQyXMP0FyFV5N95qxq0XpKu_MP8x4KR_hcRsW8IFfCOyLdox0ou0GcAxFmEjXCVb-uVDJAYx1cxL5XsAZBz17z9XwTfgGKU5K4xHm7TprX5C8o-Ifc14-_jTpru6NgzEVl7sOXf4DHv2V2UAI8XhQborVU1dxf0Eg6pQb8xid_XaIZKxqDqkq9M5xh6DePq8qr-MWHB962_ISOkLkybD9cHUoJx4APvi0g77dCHVpoJ-zKEkVg9razdFhULSf-u1uSTrvkQTCLu_2nZdkVJl8ud-197T0ilFwTGY2KuOHjcthRYx9mefg-OKmKPeF616HzS1-a2rTUECS_s8-iw1Kh4N8p96eLEW_PMHomLBcb6-z3REaJbAMzl0TTdOOuDvpigjNMvCcTckrjRWxsDshLS3jsqnw0lq9EP4xsCb3uNZqzvRZ-4cG-1b7geE9KdF3A0ZQmXrTKdtviDrJ_yWfK2uMJPg0WbWuNrU3KqFDu8M4KuxaJMUMv2OxUK6tQXPIjhT-jEM4hGavCnVWSa-M_DuucbqU5g93nxoXiW13HaIQYVRGkKFmwLWI-hOVinanU9vfghrqO-tzjNmiLKf468w-TdpT2AgwbDU_Lj1QbaCF10j1qEVFqtqjTi2uHv6z68upRwePZfChNh90R1YvfDzzGXnVuqGfvoNU0GUQwH3Gung1WuKPs4FGgualhxrivibJdJIZDzTOzH9bbEMrvsneVNESrhPBUOG3xMJEMYvoQ3QJHBiFPTUlMXBpJZy1urUZbSBhXZdOhhw3U8EXk2vC92euQhmyN6lHTHdkEnfQ6gnsSXkWvc7vgJr7GAZ5n4M02KWEbbPAGHj8DXYB1EYWpkRsO1PFY2y6S-73gdLsLNvuDP_sTGfAXLpdu6zMReRFocYIElYrrWNVxnvZpuyAAMIlMdkrt0fstvYkiRwWiGLoj4ayyDPY5Q8qm9JFID0r_uU1r6-3LoIixvx2e7yuTtzhLK7uwgI-XyoJZX02j_FlFF3rMQCkDCKHiWlGrQU4nbKrSJFconJNr0SUhLUjzFyPHe_t5WJrrkl95GaLY-CSQmlXgzTz1vgm9IyL-MX5TV8n2ORrZrBgATpE14uIYXCPr2L7auMKFqR3U_Fk0A_L0ta9zBi1hCG1xERm4ip8Ad39OTXU_Ewa2GANBqIf_mR422XZiXqs1PW0HHXVZAm1HAUMuBhUksi0zxVzoWghcHHhEz2U-FQuge1XN9LVOvFkwiZ7rpGM2kbIevGxP3cUCXzbdO_CZ7P2GisKXrkGNAmYE7Xaiajb7Yre265UjpKFhfV4clmSpnZ7uEOA3QflC1JumiRiFxGSYerm16XPn42FinafT3HqkpBJoCHk3uyTQ6bbMW5e4b6BCWE0zq1ZsR2uLvD_g5S26d76rwwl-mOsZz-esFIiOj_xZ30Jptvz7FTXG-u5wT7uhy4AqEEYaVSv5HAsSDUfu-kUiZ2m9x_nfH9cYPm__PyfFUjh07mVax5jDUZhSY-uw_0TQuYKpHeJNwRCiV-lp_EZfZhozQrA0yAoNDwziTl6h6izG1u54ZpQxcvickBvfyZn27OV6_jvlrZsl9Al7V9FiPLloKL2Se4TPks3AS6utVVHZTCDvcrNHWX3NcNoCT2o-jquZmbd1h28UwSMmmzwrEWMAKMY3ju7VLUyURBrNefvkg0WVfI2JgI0LKiuZYsmqJgMbjWAsH04sLOl3VKY1jYu3ajmObsSh65ZT4ET8Z4PVCysG2tQvoukBqEoVV2_QOJWHSniDUxpW4WTJAnxwG1IaGZfUmIVSJWI5REg4yriKdlpk5w-eb5mqvfyyetVFfKzeF_wEdVV8hRaq5gby0S3pp_vu03dlbPd2HCROdDQVmKuC0jG_4el71ahJq0pFxzSnanmAGoX9jCI_3kCxjwnm37vrMYTQ8GCddA2gzmJStQWULBNQYTCC20VC8igZ_Gy0Q3MQ1dB-cATjM5BqITNNajnuUXoVFxgN-2O1aJG8-I00jnvqHv3H6zSkPCgKY0iwi9gLNQKl_n46S-b_MuPgVdHhDXUKKstD0fw3s6ueNa4vd29hu4ndd7PUk6PQBSJoBSt1KUqiRDHHIEAfBdmzA1D2eSlg-5uk8fpJmaSm-jwWkHhQra2EtWYZiSUdEZcChOiryM6Dw66Vlr1_FiFGg_nkSssUw944R5TZwGVqp9ZShoyNIIJ7SjkfaDS_dxtZBW8u_r_maJMYmVPtmqTJbDEEd2YQsfn4fpezQWGRklwM4D2PjbHk62Hzng0aZygPeGYDfJcl9UArRti12yePEhvlk8Iilr50qwj6U7JeLYoZ9KNlZc1I2ZYxRJS0ON-pzlby_MCJ72bf6l03oew_UXxRIgBCiIgq4BHFxUhCMplb18cXYnh1kmZnOX1vMTiaHkXxhE38suvv4JQnHxwbYE6AMT-eUV3TU083BO0PvJpVcTZZ7Oadm8_DG6Uj6QrJE2QsKNk7DES9M14hTwsWVqv1JJ5tkIufMSOLyaLkqlzv-7FR_PmYkf8OeCkPp8uaPbqkj7zJ1BZrNSBMX3GBeAHLcilxAtjRUEe_S1oF6_oF-xazXFSKzWsJfsRAnMFDdFZcstQugtEfTybIhFovVx7ZUfhFnr0XEYTnvOlYi4NnuBvQQ9X-1C29keaXMk6_AIXjh8n66UJ4-NNL8JYWHHJhg8vORjHHJ9ojOXWqYVvsjTRzEdXXzztC509OLoocsVu58Gk1EGUeTefiXK9f8Uvu5lDbZFPU7Ey6bhFbWQwVPur1gQiM1t6sWGtnmuGXngLkBZBko8xvGu58EirRj0m_ejrB-UFC-aYc8_Bm09qKl8-W6Uu1C1BSWIc0QxqN2vow_DGvsLD26uyFSvgBecwm9md2DUu9o6usCA9ifdihtlcgMaq5LrQX_sI9JcENOXLdU410bfBimq5fRM6U0uzyTSbFLTph6ke3HjKu51M-1aHudi1v0ROH6ipT3tVENaB_FdGnsf7kl9jHUH8HVrWk7NBzmOVPBgG-f-5EJkHHfAJiqpBOMWN4qTPpNkII84KpLXQEXQ6tD5K8e1C2_ZF4Fngn6_0Zo7fUIpJYBStAllRVJJX-GUoJ9ca4dwN-wjgJZmP8P3df5Ia5Jxq8s3jFOzOtExJCicTrf1hXablse0Nmytw8gQGXEG0lNsbKTY&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=14190400931800054000&adk=3661671305&idt=164&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
15481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:27:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame 10B6 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4OmwRXqlPlxM4tHmc07pGMy63VEiEeuatQU2JR4SM9Zzks-tyJGiqcXX-bLubMoXR50ajMwchr6V957TyKhtzHbGknCHSeaoBc1I0bx8HyELI0Lh44eROZgxfWNzmXalZpawX1jqUQiy_HnfRGbbM7D975pLSMnpWiLmgZS0gA7bDHg0&dbm_d=AKAmf-AK0bWTRFxPjTUTwf6REkFmcDlB7sva3rPlLdCE_6A-tG-4wyEj8aPvqw4IjGpYlzkkeQ_5jdznYeeXgRb_qxkqdi4nfV2jbnkdnTlOPnXRGZSf9A71iMetHkCu0-rScPWD4cKL_DWJy-IoejSAgFvVQaOEKJdTxjdPAihNLQt5cvoz-UHRSUe-mHiCk_mnVWuG2Xb9bmax0gx2SOlZJEu9WEaOJE9JoAAZOT-3Vy3HnpybL4xswgsCD37zZXlAhr41bf4OgZOa2XOp3mQU_Z8Utji0YukmY8KN1FpVRBFxfLCEoxTS56jwH6oODkYY2A_zgwJDZv2whd8e1qEyAqezH7QhToSRpcy7YYAxO_YHaF59yYA-WHbzhB_e_jHyj3zRIMYJmPFEpDiWcmZ6DFgWv0C7b_Zf0mQNNYd2EXQXMTEq-RSkHJxxztsLa2icQyXMP0FyFV5N95qxq0XpKu_MP8x4KR_hcRsW8IFfCOyLdox0ou0GcAxFmEjXCVb-uVDJAYx1cxL5XsAZBz17z9XwTfgGKU5K4xHm7TprX5C8o-Ifc14-_jTpru6NgzEVl7sOXf4DHv2V2UAI8XhQborVU1dxf0Eg6pQb8xid_XaIZKxqDqkq9M5xh6DePq8qr-MWHB962_ISOkLkybD9cHUoJx4APvi0g77dCHVpoJ-zKEkVg9razdFhULSf-u1uSTrvkQTCLu_2nZdkVJl8ud-197T0ilFwTGY2KuOHjcthRYx9mefg-OKmKPeF616HzS1-a2rTUECS_s8-iw1Kh4N8p96eLEW_PMHomLBcb6-z3REaJbAMzl0TTdOOuDvpigjNMvCcTckrjRWxsDshLS3jsqnw0lq9EP4xsCb3uNZqzvRZ-4cG-1b7geE9KdF3A0ZQmXrTKdtviDrJ_yWfK2uMJPg0WbWuNrU3KqFDu8M4KuxaJMUMv2OxUK6tQXPIjhT-jEM4hGavCnVWSa-M_DuucbqU5g93nxoXiW13HaIQYVRGkKFmwLWI-hOVinanU9vfghrqO-tzjNmiLKf468w-TdpT2AgwbDU_Lj1QbaCF10j1qEVFqtqjTi2uHv6z68upRwePZfChNh90R1YvfDzzGXnVuqGfvoNU0GUQwH3Gung1WuKPs4FGgualhxrivibJdJIZDzTOzH9bbEMrvsneVNESrhPBUOG3xMJEMYvoQ3QJHBiFPTUlMXBpJZy1urUZbSBhXZdOhhw3U8EXk2vC92euQhmyN6lHTHdkEnfQ6gnsSXkWvc7vgJr7GAZ5n4M02KWEbbPAGHj8DXYB1EYWpkRsO1PFY2y6S-73gdLsLNvuDP_sTGfAXLpdu6zMReRFocYIElYrrWNVxnvZpuyAAMIlMdkrt0fstvYkiRwWiGLoj4ayyDPY5Q8qm9JFID0r_uU1r6-3LoIixvx2e7yuTtzhLK7uwgI-XyoJZX02j_FlFF3rMQCkDCKHiWlGrQU4nbKrSJFconJNr0SUhLUjzFyPHe_t5WJrrkl95GaLY-CSQmlXgzTz1vgm9IyL-MX5TV8n2ORrZrBgATpE14uIYXCPr2L7auMKFqR3U_Fk0A_L0ta9zBi1hCG1xERm4ip8Ad39OTXU_Ewa2GANBqIf_mR422XZiXqs1PW0HHXVZAm1HAUMuBhUksi0zxVzoWghcHHhEz2U-FQuge1XN9LVOvFkwiZ7rpGM2kbIevGxP3cUCXzbdO_CZ7P2GisKXrkGNAmYE7Xaiajb7Yre265UjpKFhfV4clmSpnZ7uEOA3QflC1JumiRiFxGSYerm16XPn42FinafT3HqkpBJoCHk3uyTQ6bbMW5e4b6BCWE0zq1ZsR2uLvD_g5S26d76rwwl-mOsZz-esFIiOj_xZ30Jptvz7FTXG-u5wT7uhy4AqEEYaVSv5HAsSDUfu-kUiZ2m9x_nfH9cYPm__PyfFUjh07mVax5jDUZhSY-uw_0TQuYKpHeJNwRCiV-lp_EZfZhozQrA0yAoNDwziTl6h6izG1u54ZpQxcvickBvfyZn27OV6_jvlrZsl9Al7V9FiPLloKL2Se4TPks3AS6utVVHZTCDvcrNHWX3NcNoCT2o-jquZmbd1h28UwSMmmzwrEWMAKMY3ju7VLUyURBrNefvkg0WVfI2JgI0LKiuZYsmqJgMbjWAsH04sLOl3VKY1jYu3ajmObsSh65ZT4ET8Z4PVCysG2tQvoukBqEoVV2_QOJWHSniDUxpW4WTJAnxwG1IaGZfUmIVSJWI5REg4yriKdlpk5w-eb5mqvfyyetVFfKzeF_wEdVV8hRaq5gby0S3pp_vu03dlbPd2HCROdDQVmKuC0jG_4el71ahJq0pFxzSnanmAGoX9jCI_3kCxjwnm37vrMYTQ8GCddA2gzmJStQWULBNQYTCC20VC8igZ_Gy0Q3MQ1dB-cATjM5BqITNNajnuUXoVFxgN-2O1aJG8-I00jnvqHv3H6zSkPCgKY0iwi9gLNQKl_n46S-b_MuPgVdHhDXUKKstD0fw3s6ueNa4vd29hu4ndd7PUk6PQBSJoBSt1KUqiRDHHIEAfBdmzA1D2eSlg-5uk8fpJmaSm-jwWkHhQra2EtWYZiSUdEZcChOiryM6Dw66Vlr1_FiFGg_nkSssUw944R5TZwGVqp9ZShoyNIIJ7SjkfaDS_dxtZBW8u_r_maJMYmVPtmqTJbDEEd2YQsfn4fpezQWGRklwM4D2PjbHk62Hzng0aZygPeGYDfJcl9UArRti12yePEhvlk8Iilr50qwj6U7JeLYoZ9KNlZc1I2ZYxRJS0ON-pzlby_MCJ72bf6l03oew_UXxRIgBCiIgq4BHFxUhCMplb18cXYnh1kmZnOX1vMTiaHkXxhE38suvv4JQnHxwbYE6AMT-eUV3TU083BO0PvJpVcTZZ7Oadm8_DG6Uj6QrJE2QsKNk7DES9M14hTwsWVqv1JJ5tkIufMSOLyaLkqlzv-7FR_PmYkf8OeCkPp8uaPbqkj7zJ1BZrNSBMX3GBeAHLcilxAtjRUEe_S1oF6_oF-xazXFSKzWsJfsRAnMFDdFZcstQugtEfTybIhFovVx7ZUfhFnr0XEYTnvOlYi4NnuBvQQ9X-1C29keaXMk6_AIXjh8n66UJ4-NNL8JYWHHJhg8vORjHHJ9ojOXWqYVvsjTRzEdXXzztC509OLoocsVu58Gk1EGUeTefiXK9f8Uvu5lDbZFPU7Ey6bhFbWQwVPur1gQiM1t6sWGtnmuGXngLkBZBko8xvGu58EirRj0m_ejrB-UFC-aYc8_Bm09qKl8-W6Uu1C1BSWIc0QxqN2vow_DGvsLD26uyFSvgBecwm9md2DUu9o6usCA9ifdihtlcgMaq5LrQX_sI9JcENOXLdU410bfBimq5fRM6U0uzyTSbFLTph6ke3HjKu51M-1aHudi1v0ROH6ipT3tVENaB_FdGnsf7kl9jHUH8HVrWk7NBzmOVPBgG-f-5EJkHHfAJiqpBOMWN4qTPpNkII84KpLXQEXQ6tD5K8e1C2_ZF4Fngn6_0Zo7fUIpJYBStAllRVJJX-GUoJ9ca4dwN-wjgJZmP8P3df5Ia5Jxq8s3jFOzOtExJCicTrf1hXablse0Nmytw8gQGXEG0lNsbKTY&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=14190400931800054000&adk=3661671305&idt=164&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 18:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
74394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10810
x-xss-protection
0
server
cafe
etag
8766511519597269738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 18:05:53 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 180F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60B4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDGxhcmdlLWJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAsLT5QDAECg0QFSEAAAAAAAAxQDAECg0QFiEAAAAAAAAkQDAECg0QGCEAAAAzM0uIQDAEEhpDT3VtMGFuRTdfd0NGVDdLdXdnZGJJMEhUdyIJZ3BhL21vbnRlKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A135 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 22:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 22:14:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame A135 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5WXMVX785rvKZaJoSs7tKBSzn7k8gxN65UJsHK7QhmlCfFZz1NEyvyz0Qpgz1z6vd9ax8RdKU4GNm47DIhVQAlHBSUg&cry=1&dbm_d=AKAmf-A7TKpWkvivf4-NokGjSBs2drtE6KHCHthjc9fZgq2GZ5LL09wJmwCPbIWDsrcQ9qDtO3iiDnugf7VEdc4V6GnRhLk_RYLMbFcryyv_ylm9sC2exynaXlXVkaPvoNdpLHoyamXpwkek5wGKOP2ixQHqkleTiynI_fuV18HHi-41xl0TGwgpLu702s3mtOZv7nBb3dZKTAEhib8Bqe4-doUirFrztPWQA6w0fPTq65cMMNZTETjtsZuPeHJ9Z9SYvNQZFA-mb_qUB-OBh_WOTHhLn4Y7mwdNvLQqXDd25EaxMnt3ube4IoTP9Mq4M7J2XhBt650sTLGZy6txRqsToRs0FpbF3s2hspfLd9Ox8DVeswqDMbHBdT-R0IItCgWwC4DqkCwU8XgR9NtSrw2FUjCCQJVs07f9e7kRKHWwe7ofO6Uca8cFKubjHoV6N7TemSgmOgadQtxcMedFkTuBewGr7Bj1-58S6yJPJfm5aV6f3yBMfD_r3yOBBcu831nT1Fg-m0r_togxSA7l75XrXWcVkVfJwxET51auw952ThXh8wdj2iecuD6He9RKTky52QSnUrbJ0fndbLc06WVvZZXBHLxEluiTr8ihdl6-yBnLSGtp1iaoTdnj2FbaMST-29cnLwKg6V3BVxPHKbYZEfosGtl3R3Yg-ASCmgEVcMVZBzB3rgrktCQ9-ELeh03M8Nvveg7SBtzJ_tZ_eolyklNZpwaebJJ5r0LKW8RUZz2QMhA9lMNCSi166KBBrcwSLnEtQCh0gOuGI03MaFZ2uWJeQ160q5i7RDoh_ForapHqJYpcc4k4xuFfbgnNXdb-QpPiFWodXHadeywYgoDwzqRalUJy4kL1WGdrmcArNYyXRqC8ksyd46Gpj4cSeNhBU9ep7sUBgOIeK1J6OVd4FFs15Fkk4KD1iavPC6tDMG9zQC8htiDSgF290JnW3RIE1kH38YPGXV1SIOuZQJ9z8puvGgUoKL1nSZxQzZF6dmKaBjUa_iMG_uICCsziKfaQV59ihxEXftR192r4l7kqQpXzuHowR9mTXMCd1GRPNiDyDu07-aiVgsqQus-_tFCvb68rKKD2ufT-DCSWHbhsj86jONBHblBSW1WCUv1g2Y829G1YFRnwiJ9lmOhITrI_p-IsUTxHiUbCKgyLcr0_iZxqnCTY1qQD_mAcOSahjlNSXL_3kyEH0t9Fwgn704aT3ZN_U3x3iqc2sHtS4cCV5j9J-yB_4vTwF1i5s2X5JOerVbApIU-jQPyMQ0ADq5xTkCGvxY_FNO5uUgTTm9JxgPd0wwKbxNfeyFCCf8Id1b9cqA-U1ntK1OXmsYXyYTxMo3r1uIHgvkWw2qO3Rb5geNo2eSE3rji1byPhIZfxsFhIKxOnuQr-EDHbD3VPngKuGy_zPsniLoYgihliT4gCbeWmh9Vu6HEQFdnaXCHSHB-nd8fZ-KMYepKxIIwtaCNWr2vdSyYz1uuI3KMx1s2Dcis6mjjVxDIVK98g074y0N86XuGY0klW0fxbYbyjtj7pxUwmpCcS7UWTEmGfM2c2mpV5_X-JD1Byd1guLy6OP2JFqEcsIwZV0gCieMgHBtLbpSKvf6rmUCcpp9zLcYONU4MmE5pssEVpVzPpuUZEINOSOm0_1SF0B7mojmrxc5mLVokNiuad1Hry0ACmEsBomfEvJqjD_317DPelhICFVKp0hlPsEPkqPLgfyw7pnmSPq66koI7s0H7qX1p03YBwZbgcOdUBgDg_JQeH8d2-g4KaIuQkmslsx_EZre-Z1JEXsiiTo2JgebGT2YdFgBEibTWnF8V_OFRNQD0ulJLTExb8Zy701cq_yzI7Ub3M48nryx38IbCoM6UAsFJRX2nXI1xlthO421tthgZKWP77med1sFTTEdXUb92jxwwZY6_ghvKvpsJvY0OWgoJRdj9hcG4fSunbfu0pBpuNIV0pdHm40kNjcQtAS61B6IAMEK5qd52jVSnisPkZz0flQQx3uKBqk559PruZD1M4wqE7zBXBvarjS-81u6K-U-rdbeSoNpAjVtZFbSyLBYe2UGMv9vsEBfhVT0Mu-Vo2s1dpthYV4A26u4AhS4WhTBsMXVf8Ei3vcJtYY4EfVZzw0NR8mEG-qkLs3rZnnIkh5US1BbAt8OEVbafOUm8daGvtvrMJC6azTTY-l7RDGxtyAiiBgTo3IY5AVUUcarGO7vI_zubg7xvkPn8B8BVhLy0O7TyAbCo-CbtD9LBj5Gxor1DtBgiBCuULaPDZysJ77mbpVsPjC0IhmY4ChgybTcPhTGhW7ZUI6Q75WGlhjM8p54ADvNBUUrx3tzd2iTXraIrM_UTx_5mTc75HQ8h4UT29W2jKX2cpiv2GTlV1xEB2menLGTrUaHcfJC93MzgTvWbxwXSh8OZMpecixw9IAwwGkyDTVHAbPsBzss06cBt8w6al31sSrrgy0agHlNo-ibryjLX4HoUh4RL2F2FvRVSDx-GiP13CCmfYhad_bIIftBHQNd9RsaUHbH-1Xjk1q4hB1b6hWkD5cDSjHBJm2m-gfwWVaU5Va1HsOIzHik-yUmToQhg-siG9VXuNoBO0ycVlrEZEiTdySzH7mMCKYJnZmw49S07EudNgxmY-yGS5Dm_3n8ZspSiVnPHHALj2RFYNhOGoOfDN1TvKwqI4di-4peNu1-TjYkJxnSEmiWyvKe9UNTZJymhYfpPk_ZTc4nu2kQWzrd297c-4T0qTBs3rJKxcb5hItIc93137sISI7F2r5b-5uMGG9OvFtQGuG4Hz2RTNwMQeDCq0Xscv7y9MoVOKJGjIzx2vjsvWTK1QP_MQnizUmxZ709eUOKdkM5Tn67-tVPV13N-VS99KWBEJG9KvH65lUo56JgV-XH8ZoB3Bwv2ylWr5lsFBKhC1lzMOJnLHPj56gIhd7AjiTFx139lggT-MWRaiGAx_40RJX8k-MIery77yUUJTzKkFYPmbfrXNotGr_9RUovfsEA8QUO6u_fc38k1gMv1Oy6mdJl4faI44qoRg50hXyXfkAl08bHwIRUxYVl8_9exxmftyCpH4M8map-XMDvAIzl_pHBWf6XIyYsxd5LJrp0RtwIOO2m3e0NMeyOiUX_wMU85a6B1PS0vWZ737ls3iF_po7ZYLYTGfnsK7Ub1xZYWCud7u8puMm6C1lV9WKN7Xne_pF152P73XKys_dINPv7Sn3eDkTAyEZPGScgtiAF_YJjEjCM1P43LQ6wbtn_fBgKLDabtc2Shp7gQ0c-TIFhdewwxOmjr9z6K6nthAElCA1wEixXinVddW2UHgw3kQ1-F4g5wVZ4UjeHbRckYbQV5Fzilr0fUQpfLtOFMhrmoNreQ9jBi6ZCNnZiZYpiLeuYlNcTbI1-W2a_rb4XLg1VRTAfmRf-CwuYn7igpJXmevESzt7afYZaKdEptBZ0n4-RohC_HCQZvH2NGSD9mqiflWBI6DEIilr1P8Z3mWxpuXvKv8FvZDW1UTViRkkCDrcKJgDd9NmDJPfmnFNRE9Eu_SPJrMlijmPdcjCw9HdGNvv6JWsdIQXXfdqFv34KhrhXHfpsNh3HDierChwfptdWrdX1HjkX982QZ8gQ&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=770689035717638400&adk=2265872549&idt=149&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
15481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:27:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame A135 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B5WXMVX785rvKZaJoSs7tKBSzn7k8gxN65UJsHK7QhmlCfFZz1NEyvyz0Qpgz1z6vd9ax8RdKU4GNm47DIhVQAlHBSUg&cry=1&dbm_d=AKAmf-A7TKpWkvivf4-NokGjSBs2drtE6KHCHthjc9fZgq2GZ5LL09wJmwCPbIWDsrcQ9qDtO3iiDnugf7VEdc4V6GnRhLk_RYLMbFcryyv_ylm9sC2exynaXlXVkaPvoNdpLHoyamXpwkek5wGKOP2ixQHqkleTiynI_fuV18HHi-41xl0TGwgpLu702s3mtOZv7nBb3dZKTAEhib8Bqe4-doUirFrztPWQA6w0fPTq65cMMNZTETjtsZuPeHJ9Z9SYvNQZFA-mb_qUB-OBh_WOTHhLn4Y7mwdNvLQqXDd25EaxMnt3ube4IoTP9Mq4M7J2XhBt650sTLGZy6txRqsToRs0FpbF3s2hspfLd9Ox8DVeswqDMbHBdT-R0IItCgWwC4DqkCwU8XgR9NtSrw2FUjCCQJVs07f9e7kRKHWwe7ofO6Uca8cFKubjHoV6N7TemSgmOgadQtxcMedFkTuBewGr7Bj1-58S6yJPJfm5aV6f3yBMfD_r3yOBBcu831nT1Fg-m0r_togxSA7l75XrXWcVkVfJwxET51auw952ThXh8wdj2iecuD6He9RKTky52QSnUrbJ0fndbLc06WVvZZXBHLxEluiTr8ihdl6-yBnLSGtp1iaoTdnj2FbaMST-29cnLwKg6V3BVxPHKbYZEfosGtl3R3Yg-ASCmgEVcMVZBzB3rgrktCQ9-ELeh03M8Nvveg7SBtzJ_tZ_eolyklNZpwaebJJ5r0LKW8RUZz2QMhA9lMNCSi166KBBrcwSLnEtQCh0gOuGI03MaFZ2uWJeQ160q5i7RDoh_ForapHqJYpcc4k4xuFfbgnNXdb-QpPiFWodXHadeywYgoDwzqRalUJy4kL1WGdrmcArNYyXRqC8ksyd46Gpj4cSeNhBU9ep7sUBgOIeK1J6OVd4FFs15Fkk4KD1iavPC6tDMG9zQC8htiDSgF290JnW3RIE1kH38YPGXV1SIOuZQJ9z8puvGgUoKL1nSZxQzZF6dmKaBjUa_iMG_uICCsziKfaQV59ihxEXftR192r4l7kqQpXzuHowR9mTXMCd1GRPNiDyDu07-aiVgsqQus-_tFCvb68rKKD2ufT-DCSWHbhsj86jONBHblBSW1WCUv1g2Y829G1YFRnwiJ9lmOhITrI_p-IsUTxHiUbCKgyLcr0_iZxqnCTY1qQD_mAcOSahjlNSXL_3kyEH0t9Fwgn704aT3ZN_U3x3iqc2sHtS4cCV5j9J-yB_4vTwF1i5s2X5JOerVbApIU-jQPyMQ0ADq5xTkCGvxY_FNO5uUgTTm9JxgPd0wwKbxNfeyFCCf8Id1b9cqA-U1ntK1OXmsYXyYTxMo3r1uIHgvkWw2qO3Rb5geNo2eSE3rji1byPhIZfxsFhIKxOnuQr-EDHbD3VPngKuGy_zPsniLoYgihliT4gCbeWmh9Vu6HEQFdnaXCHSHB-nd8fZ-KMYepKxIIwtaCNWr2vdSyYz1uuI3KMx1s2Dcis6mjjVxDIVK98g074y0N86XuGY0klW0fxbYbyjtj7pxUwmpCcS7UWTEmGfM2c2mpV5_X-JD1Byd1guLy6OP2JFqEcsIwZV0gCieMgHBtLbpSKvf6rmUCcpp9zLcYONU4MmE5pssEVpVzPpuUZEINOSOm0_1SF0B7mojmrxc5mLVokNiuad1Hry0ACmEsBomfEvJqjD_317DPelhICFVKp0hlPsEPkqPLgfyw7pnmSPq66koI7s0H7qX1p03YBwZbgcOdUBgDg_JQeH8d2-g4KaIuQkmslsx_EZre-Z1JEXsiiTo2JgebGT2YdFgBEibTWnF8V_OFRNQD0ulJLTExb8Zy701cq_yzI7Ub3M48nryx38IbCoM6UAsFJRX2nXI1xlthO421tthgZKWP77med1sFTTEdXUb92jxwwZY6_ghvKvpsJvY0OWgoJRdj9hcG4fSunbfu0pBpuNIV0pdHm40kNjcQtAS61B6IAMEK5qd52jVSnisPkZz0flQQx3uKBqk559PruZD1M4wqE7zBXBvarjS-81u6K-U-rdbeSoNpAjVtZFbSyLBYe2UGMv9vsEBfhVT0Mu-Vo2s1dpthYV4A26u4AhS4WhTBsMXVf8Ei3vcJtYY4EfVZzw0NR8mEG-qkLs3rZnnIkh5US1BbAt8OEVbafOUm8daGvtvrMJC6azTTY-l7RDGxtyAiiBgTo3IY5AVUUcarGO7vI_zubg7xvkPn8B8BVhLy0O7TyAbCo-CbtD9LBj5Gxor1DtBgiBCuULaPDZysJ77mbpVsPjC0IhmY4ChgybTcPhTGhW7ZUI6Q75WGlhjM8p54ADvNBUUrx3tzd2iTXraIrM_UTx_5mTc75HQ8h4UT29W2jKX2cpiv2GTlV1xEB2menLGTrUaHcfJC93MzgTvWbxwXSh8OZMpecixw9IAwwGkyDTVHAbPsBzss06cBt8w6al31sSrrgy0agHlNo-ibryjLX4HoUh4RL2F2FvRVSDx-GiP13CCmfYhad_bIIftBHQNd9RsaUHbH-1Xjk1q4hB1b6hWkD5cDSjHBJm2m-gfwWVaU5Va1HsOIzHik-yUmToQhg-siG9VXuNoBO0ycVlrEZEiTdySzH7mMCKYJnZmw49S07EudNgxmY-yGS5Dm_3n8ZspSiVnPHHALj2RFYNhOGoOfDN1TvKwqI4di-4peNu1-TjYkJxnSEmiWyvKe9UNTZJymhYfpPk_ZTc4nu2kQWzrd297c-4T0qTBs3rJKxcb5hItIc93137sISI7F2r5b-5uMGG9OvFtQGuG4Hz2RTNwMQeDCq0Xscv7y9MoVOKJGjIzx2vjsvWTK1QP_MQnizUmxZ709eUOKdkM5Tn67-tVPV13N-VS99KWBEJG9KvH65lUo56JgV-XH8ZoB3Bwv2ylWr5lsFBKhC1lzMOJnLHPj56gIhd7AjiTFx139lggT-MWRaiGAx_40RJX8k-MIery77yUUJTzKkFYPmbfrXNotGr_9RUovfsEA8QUO6u_fc38k1gMv1Oy6mdJl4faI44qoRg50hXyXfkAl08bHwIRUxYVl8_9exxmftyCpH4M8map-XMDvAIzl_pHBWf6XIyYsxd5LJrp0RtwIOO2m3e0NMeyOiUX_wMU85a6B1PS0vWZ737ls3iF_po7ZYLYTGfnsK7Ub1xZYWCud7u8puMm6C1lV9WKN7Xne_pF152P73XKys_dINPv7Sn3eDkTAyEZPGScgtiAF_YJjEjCM1P43LQ6wbtn_fBgKLDabtc2Shp7gQ0c-TIFhdewwxOmjr9z6K6nthAElCA1wEixXinVddW2UHgw3kQ1-F4g5wVZ4UjeHbRckYbQV5Fzilr0fUQpfLtOFMhrmoNreQ9jBi6ZCNnZiZYpiLeuYlNcTbI1-W2a_rb4XLg1VRTAfmRf-CwuYn7igpJXmevESzt7afYZaKdEptBZ0n4-RohC_HCQZvH2NGSD9mqiflWBI6DEIilr1P8Z3mWxpuXvKv8FvZDW1UTViRkkCDrcKJgDd9NmDJPfmnFNRE9Eu_SPJrMlijmPdcjCw9HdGNvv6JWsdIQXXfdqFv34KhrhXHfpsNh3HDierChwfptdWrdX1HjkX982QZ8gQ&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=770689035717638400&adk=2265872549&idt=149&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 18:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
74394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10810
x-xss-protection
0
server
cafe
etag
8766511519597269738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 18:05:53 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C826 		119 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 22:14:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59493
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 22:14:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame C826 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkuMOndcm8_KG1Yu8AiDyj792zw28mjHmzbtRsIJSj19sta415p_2tH0PnZl7NQu9v7ChwraRRUjlRtE4s0NTYmj8rGA&cry=1&dbm_d=AKAmf-CiE0mpbwIOXHJVfaAfEig0Wkh6t2pIqa1bBOyJfC_gqPYl3uULa95Bn_ulnlh0TGTIp-9lUA4ql4k_CPjbYBoHYnpvSX_kDXkcbL6P5awrmAlCde6sz-vOaD6-UM6afJAFnWvHJSvgcN0hgsdKBQD2BTCigkMxMmhP2PmS5xZlUuHmPovwMSz5KK6q0Kz0oQS6E0celOOQiWCp6yFgKqKqC0NgezmaY-kUsySbq5RXKGAQMSKOHc0NtgoeIq_kgk-Oa_ZGfFUTA479RD2P4-1e2A8SfqaTJ6wmZB8AjafdYkDkhQUBOG0KeEutx3EyKHqoYwhIE2J_DqV7guVjjE3vayjKAMwJBLMuLvu5TMnypNWTCjYPTwsh4dCR-MNHDIV01HjICDwZ7s1FIdODnEBoH1QXbydSOqXq2U5kNlan9xuHKm4STLqqb4wZ185P77pr1ymwDMDZYbmRCmx9BAbipWWyye4NBpREtRGghCRjgRyyUjVOw7Jqvzt5rBmyEStPrx0Cl-M3-TFDBkx6ZRWbO2Xz-TYH39lI-Ie2M7l_TX1wjGaVNWtdk7iDV3D1MGfZygAFc3YnRfsr-jfZcbgXKxNA97jq36o1JQ2e8hCT5FBEN-24P-vo4O_pbM2WOcm8SnHA0fDcXwP_3SMpl0B6QuyHWJh7TH3B67NbccSm2EUMtZ3wlv_1na1mYPC4b0FiMZLMMQ0ge-tCOhzJRI5E2qVbnX15mszKPRNojW3r9jXqkIjcjGoy18tFnJz9FkiYrLYi-uVLKHKkan-FVX3k1tHJkCtptvbT8_kdULevO7NC0h_Yf8Bz3moefAyaMqb7rBilzRnDjYcRvnYHQOLDI3yCRWF-y0pTt_BDmzhwj5Z58Sg7x3j1uqSr_ti_9bhVWI75vApUV1jcGCtyBhBoXEwaff7lzAf91w6T0ySzP-I1j0aCYpgTPeFAFrHj5YARP7yqoMC_O7uViCfsNi68HCVMhDAqyOV1D1meFTsxPIQeCw8jhvkpSHQ35GUnyoxrP-Diir66FgXA9aVURNr644olN_g20i9BaKaj-wPs6XrOxGNKz10gFWAMa-ENh40GSgaE_kSZbshkFF83dtF7ZsQKSzx2ONUP1C-kv6v3JOt_cwnqLt1WCPPK74l1fbmB3R9STDfO0wYsomSJKGYjVNS-nfo7HiqaJsJ6b3TDmZzkCQDpcCdlcieGTK-kqBfQIHE3Wmc03jMIsMsr3dAlh4SaYslv74ST7x8c0A14_yoHRT62hWJjGbZ9NaMc821xhdh1YAAShpBI52MufBRHDtck6FP1ejjKz8CGSlsrhAkfak043OwL9Go87Grvgqrfdv-KsEn3c9NofRdPK__LjjEZLxU38Iv0bmj9iYjfQBnVuiKXfa3RigBgpctmD3pk4d2lxuoDwTzHN2Q8GGbWQnsHBuZAghTPYHBAvVN0DUOs_oG7J9qFMNcy7BsJnuuoH1GPN1bRk4VZPPYf9MjQTPSYV4_9b9O1fx9kiHD0YOWuuvRhzjuxM4nNnG9PujTSdTqdaMcAw89cHIDsA1i6SFS_Y1HKd5rW1Tdtso1CLhZQ4IKMBagks5n24daTRz493GH7N4IPud74B07MSCaETrSilDXBG_UYwMPkkGWo41a7vYGn-izixPnRuh7bF_lNBMY9e-g9BRlyAGenGSLK5JiJXtauxpzLiLC-APXXsezitOX_w_ZiQsRa_AIQ_3dHyVQV2L4-iqkS8wPZw658GvLqIKiJrnfQ1bQuzyPfCkdIOc-t4JowVzpbXJ7WY2tFgjl6ImZvtszuhlwG6XuUsajWJdaHlTLiRSQPYO76WBweqVksw3cKwuEiR0hk5wVNqm2QwVPUnJ0Z6deN_-gSX_Eo-ULLVMHeiSqk3L-9LXhHhBQfH5tPI95xJzKhNRNqgGRHgk70LkJODN8UD4QDYE1Rn81-806RcSi2bkTUHqjHcpPHnkuZrsrfCFiLLnnVJsMy5YRGAJW7k4LXwaItwwtZOs20imoUpY-nsFpSDMhRtm3cP-qt4XTl9A1u0HrvOLiQJGJgu31lqDh35uEntfd264vTdI2SDnsRV8-Xz3xH4pwTwpyydcDMjJ-EzhxS6cURmeXoFY96UBxzav768C5GTdTFMd0sDOjzqNY7Yxu1y6vG46STW3LP4pEyrLoGQ6B4VE8a4r2i1HwxCdfLFhUatUSnYosHn2jKR5aTPMeuyXt05u3ay3xu9RliDs4-XZBrCfsOs7wASg_4jh_mhhaXoNeVYfHGFhHnJBWOgKziH8o2K5o27gcUlt3CdaSfLBj5LWuNRdUuAGWEq4gbC4EYOogs1JCqFwXKWjm4hlX3filaSsPDhLUE2BcVop5NbLkMRYO-3INcu669uoaMdwhU4Jzg_VNcphu1U4zJeQKAgf8ZLngzBgaZEiFyYt2TJySeNXC0xSXq30cPZGJ5m4SqW5xPbGBAn2cX_BqfYemYJAXbwiOLlBfTRoOZgTg-l9YNH9RDWoCbChvdOT8Z9c5-zRRfXPq16NH3tmexdWmc43A2FP5wYppLT07A8BUkaTlE5pKk8XKtY608web1EX_djGCe-xyfHvcjq-5FqYJmfK5qs5O0So0OraAGvu8uw1coIXf8Pa9rJjcRiq0Vujtdch-8k_p8J-gXrQ74sA-JU8KA51u4opuPqkvya3hfLykHe07Ja8jHCkYAQYpiHqIEoNohDbgn5qdNq-Yi1U95VsvkhulCRagHh5uYgTIbjjIQo2-i0Ugd50Svx9U3TNwyRW6mWL2LkhN8myKmTDc6vh4TzYf4NowfipWEjw1IBvja9NHedz1nh1cEyrndyN-MvFjjfSvCgHo6zje9uIApbAa6vSeD0IAojAdhzdxjavLAUg8d2NDCR4cR9PLfberOxVvhSU2u5FJH-AFfeH8oPlepxMuyaEiO8BjuCT7qV7BVvouK0lof0nGffCtczy-xi-BUtxICP8ySt3euGXTl2tSUXduXzktSaUH0P1EE2JR0Fc0nb67MfcrBzJXICdbeAKk9daDMh2QgVW8e6_-dpRcusrtvIqn95kQsZQjrvRGmOlNiu4Tru3B9nx8bXEgYHMKmN9mKvlkP8vp81F6Be7ZdXdXFDMfGpue6EnoHIpE2bD11gZ0W-AgJFDJNyJYsJUWhOLMSJIGdEt1aPwCKOM5I7B9a5QJToBpplgiICfdlLjfXTB-VdPzB2jEFzubZcfTwh19iomuhX4NUqORM-VlGX0GxH-yDd3ZZzZuXABeAHUkFJ52PtWFdQtn8FEqWhMV4v9dZAaFz8dpmrfwVlZpd0blA1wwRj0Wmw8tigpOMWaUMgOuaY7aUrzKHPfJEyZPgneu_9gUIyUIH06YP_vU7BGPrXk-_ubpF1PJz2wKuHEZaokrkrLw-8APYEdbbHUxjPdFWMZi-d3br_VX5M_9juwtgHfVvcLTw9eSZ-RjvcCLS9tnn35fgmqM-V9i0V0W9E5yhcJ0a2SJyunnb_sw_sNuFW9rcTw4lqZN0akSZQ9wHcrgypgB5KkcfZ1bRqzolcH2pOfb9jFVzsyT6XczUQk-AvHp8xWO9nLAmudW0wutEjxqlYdTzn80EUPRXlQ&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=7245488825463465000&adk=792902355&idt=168&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
15481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:27:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame C826 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DkuMOndcm8_KG1Yu8AiDyj792zw28mjHmzbtRsIJSj19sta415p_2tH0PnZl7NQu9v7ChwraRRUjlRtE4s0NTYmj8rGA&cry=1&dbm_d=AKAmf-CiE0mpbwIOXHJVfaAfEig0Wkh6t2pIqa1bBOyJfC_gqPYl3uULa95Bn_ulnlh0TGTIp-9lUA4ql4k_CPjbYBoHYnpvSX_kDXkcbL6P5awrmAlCde6sz-vOaD6-UM6afJAFnWvHJSvgcN0hgsdKBQD2BTCigkMxMmhP2PmS5xZlUuHmPovwMSz5KK6q0Kz0oQS6E0celOOQiWCp6yFgKqKqC0NgezmaY-kUsySbq5RXKGAQMSKOHc0NtgoeIq_kgk-Oa_ZGfFUTA479RD2P4-1e2A8SfqaTJ6wmZB8AjafdYkDkhQUBOG0KeEutx3EyKHqoYwhIE2J_DqV7guVjjE3vayjKAMwJBLMuLvu5TMnypNWTCjYPTwsh4dCR-MNHDIV01HjICDwZ7s1FIdODnEBoH1QXbydSOqXq2U5kNlan9xuHKm4STLqqb4wZ185P77pr1ymwDMDZYbmRCmx9BAbipWWyye4NBpREtRGghCRjgRyyUjVOw7Jqvzt5rBmyEStPrx0Cl-M3-TFDBkx6ZRWbO2Xz-TYH39lI-Ie2M7l_TX1wjGaVNWtdk7iDV3D1MGfZygAFc3YnRfsr-jfZcbgXKxNA97jq36o1JQ2e8hCT5FBEN-24P-vo4O_pbM2WOcm8SnHA0fDcXwP_3SMpl0B6QuyHWJh7TH3B67NbccSm2EUMtZ3wlv_1na1mYPC4b0FiMZLMMQ0ge-tCOhzJRI5E2qVbnX15mszKPRNojW3r9jXqkIjcjGoy18tFnJz9FkiYrLYi-uVLKHKkan-FVX3k1tHJkCtptvbT8_kdULevO7NC0h_Yf8Bz3moefAyaMqb7rBilzRnDjYcRvnYHQOLDI3yCRWF-y0pTt_BDmzhwj5Z58Sg7x3j1uqSr_ti_9bhVWI75vApUV1jcGCtyBhBoXEwaff7lzAf91w6T0ySzP-I1j0aCYpgTPeFAFrHj5YARP7yqoMC_O7uViCfsNi68HCVMhDAqyOV1D1meFTsxPIQeCw8jhvkpSHQ35GUnyoxrP-Diir66FgXA9aVURNr644olN_g20i9BaKaj-wPs6XrOxGNKz10gFWAMa-ENh40GSgaE_kSZbshkFF83dtF7ZsQKSzx2ONUP1C-kv6v3JOt_cwnqLt1WCPPK74l1fbmB3R9STDfO0wYsomSJKGYjVNS-nfo7HiqaJsJ6b3TDmZzkCQDpcCdlcieGTK-kqBfQIHE3Wmc03jMIsMsr3dAlh4SaYslv74ST7x8c0A14_yoHRT62hWJjGbZ9NaMc821xhdh1YAAShpBI52MufBRHDtck6FP1ejjKz8CGSlsrhAkfak043OwL9Go87Grvgqrfdv-KsEn3c9NofRdPK__LjjEZLxU38Iv0bmj9iYjfQBnVuiKXfa3RigBgpctmD3pk4d2lxuoDwTzHN2Q8GGbWQnsHBuZAghTPYHBAvVN0DUOs_oG7J9qFMNcy7BsJnuuoH1GPN1bRk4VZPPYf9MjQTPSYV4_9b9O1fx9kiHD0YOWuuvRhzjuxM4nNnG9PujTSdTqdaMcAw89cHIDsA1i6SFS_Y1HKd5rW1Tdtso1CLhZQ4IKMBagks5n24daTRz493GH7N4IPud74B07MSCaETrSilDXBG_UYwMPkkGWo41a7vYGn-izixPnRuh7bF_lNBMY9e-g9BRlyAGenGSLK5JiJXtauxpzLiLC-APXXsezitOX_w_ZiQsRa_AIQ_3dHyVQV2L4-iqkS8wPZw658GvLqIKiJrnfQ1bQuzyPfCkdIOc-t4JowVzpbXJ7WY2tFgjl6ImZvtszuhlwG6XuUsajWJdaHlTLiRSQPYO76WBweqVksw3cKwuEiR0hk5wVNqm2QwVPUnJ0Z6deN_-gSX_Eo-ULLVMHeiSqk3L-9LXhHhBQfH5tPI95xJzKhNRNqgGRHgk70LkJODN8UD4QDYE1Rn81-806RcSi2bkTUHqjHcpPHnkuZrsrfCFiLLnnVJsMy5YRGAJW7k4LXwaItwwtZOs20imoUpY-nsFpSDMhRtm3cP-qt4XTl9A1u0HrvOLiQJGJgu31lqDh35uEntfd264vTdI2SDnsRV8-Xz3xH4pwTwpyydcDMjJ-EzhxS6cURmeXoFY96UBxzav768C5GTdTFMd0sDOjzqNY7Yxu1y6vG46STW3LP4pEyrLoGQ6B4VE8a4r2i1HwxCdfLFhUatUSnYosHn2jKR5aTPMeuyXt05u3ay3xu9RliDs4-XZBrCfsOs7wASg_4jh_mhhaXoNeVYfHGFhHnJBWOgKziH8o2K5o27gcUlt3CdaSfLBj5LWuNRdUuAGWEq4gbC4EYOogs1JCqFwXKWjm4hlX3filaSsPDhLUE2BcVop5NbLkMRYO-3INcu669uoaMdwhU4Jzg_VNcphu1U4zJeQKAgf8ZLngzBgaZEiFyYt2TJySeNXC0xSXq30cPZGJ5m4SqW5xPbGBAn2cX_BqfYemYJAXbwiOLlBfTRoOZgTg-l9YNH9RDWoCbChvdOT8Z9c5-zRRfXPq16NH3tmexdWmc43A2FP5wYppLT07A8BUkaTlE5pKk8XKtY608web1EX_djGCe-xyfHvcjq-5FqYJmfK5qs5O0So0OraAGvu8uw1coIXf8Pa9rJjcRiq0Vujtdch-8k_p8J-gXrQ74sA-JU8KA51u4opuPqkvya3hfLykHe07Ja8jHCkYAQYpiHqIEoNohDbgn5qdNq-Yi1U95VsvkhulCRagHh5uYgTIbjjIQo2-i0Ugd50Svx9U3TNwyRW6mWL2LkhN8myKmTDc6vh4TzYf4NowfipWEjw1IBvja9NHedz1nh1cEyrndyN-MvFjjfSvCgHo6zje9uIApbAa6vSeD0IAojAdhzdxjavLAUg8d2NDCR4cR9PLfberOxVvhSU2u5FJH-AFfeH8oPlepxMuyaEiO8BjuCT7qV7BVvouK0lof0nGffCtczy-xi-BUtxICP8ySt3euGXTl2tSUXduXzktSaUH0P1EE2JR0Fc0nb67MfcrBzJXICdbeAKk9daDMh2QgVW8e6_-dpRcusrtvIqn95kQsZQjrvRGmOlNiu4Tru3B9nx8bXEgYHMKmN9mKvlkP8vp81F6Be7ZdXdXFDMfGpue6EnoHIpE2bD11gZ0W-AgJFDJNyJYsJUWhOLMSJIGdEt1aPwCKOM5I7B9a5QJToBpplgiICfdlLjfXTB-VdPzB2jEFzubZcfTwh19iomuhX4NUqORM-VlGX0GxH-yDd3ZZzZuXABeAHUkFJ52PtWFdQtn8FEqWhMV4v9dZAaFz8dpmrfwVlZpd0blA1wwRj0Wmw8tigpOMWaUMgOuaY7aUrzKHPfJEyZPgneu_9gUIyUIH06YP_vU7BGPrXk-_ubpF1PJz2wKuHEZaokrkrLw-8APYEdbbHUxjPdFWMZi-d3br_VX5M_9juwtgHfVvcLTw9eSZ-RjvcCLS9tnn35fgmqM-V9i0V0W9E5yhcJ0a2SJyunnb_sw_sNuFW9rcTw4lqZN0akSZQ9wHcrgypgB5KkcfZ1bRqzolcH2pOfb9jFVzsyT6XczUQk-AvHp8xWO9nLAmudW0wutEjxqlYdTzn80EUPRXlQ&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=7245488825463465000&adk=792902355&idt=168&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 18:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
74394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10810
x-xss-protection
0
server
cafe
etag
8766511519597269738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 18:05:53 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 93B3 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/886862/62195781/ Frame E9F4 		242 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/886862/62195781/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.7.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-7-182.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5c8845f25df6691fb9110a4f2a0eae6ad48b00de5a2aaa49b181e2eca6b35f20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E9F4 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Jan 2023 09:35:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/ Frame E9F4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR7Ln7L3YtFXFw29piMNjk_CfdYqOBQSucf7Wu0slOUIM6mlDTy9thdbXT1PChqniDtJmNXEloWFsAx6CbFVejYa2OQL-jc-edjqk0XZd-S8JXY9lHJbUCiePhQDicb5VYgZjF4FMMFRJ5pnl3HrVFj8AsMnK6P3vUPJPuuUBUJMC14Ck&dbm_d=AKAmf-D7tpzpfy9aY0y-LEjRV3EoTS984lRE5zrJTDMvKMa6TRubPHiS6Jm4uGqK4sMSblDZUFeCdc7nizpEZOZYwfvWenJ9MRyJgKhhIsrPl44QD4lEXs8QAmCJBykW6z7Y7DZ0Xn-bG6vJ7v0xTOiPOTtDtwwHzedBo1Vq9I9Qk9yj7vMe2exIVqLl_SVtnn_Mj1sFmJVljVGXpY1RXc1xCpUQdn28rfeQyOP1UhVpTyJMUuT9agYDcaLRMkZlIIZsKKi4K2VrW5c-1ik7lgw9qvgH_9e5sIyLZuibY-SVxL7lwOzSlyIyBAYBQzxk0dPXHKDu6kiB6_nhkeJfMr9u5Ov7kqTqdGUT-yLi40EGTGLjWS-jcwQAThvNpH8OQWKLa-LW96ODSgapEhE6J4MhntJ7DlXnwpJFaa-h5cObmGxv-QdmrGok7ZR8R8AF3T4P5DUzH4tWL5vCYZg_Ew9fFl_sAszpkWZiHvFR9SB8XbpqhblRbi-Q_kSjJl-hN4MglfSjz2Vcd5tqK_iqk--xJw-rrhNZPapWSAIk9RLcSN8x121QD8SK3nDDRMHbOnfz5zjfrCPheWiw3nQb0J6vKgv6XmgYl8PGiz_PX1srHgVrIcZH6xqfYrGHN4OgroAk9VYeXcZQ7WfOPOtoMrxO6pmaiZ3q4YAtFZp6FvOvZAEbU_KXsVSE3P0LFJLFxrR08C3X_HN41MXnlObzhh_KCuiKgSI698q9aJNW3iktT-ORLmHYJeTFKMGdLOffxf3PhOg2koTSmsah8CfUFWg3mtdhWi0b-YhFGWXENchlqTOB8-lo3f_ia3XpOZNeBf28Q23perS8LAbTZZ4F72P9qkoudijlRjh2hpv7ytzC7cojM6mlIIYXNPqgHuhTwpPumVRKbxnLXP80s8WkkEsWqxagk-macQvq5JCfhiFK6Uk0zVS2mb1VW14Lx63KZU5D4IR0y2mc-wLGTkbRjhdE2QZ6R63VZt4B-XXuuvEOs0fpuUZVoRFnItcVDUNxofJg7rpKGSYy99kB24Z6mrth1qIRw-BwW-KbXwKVjGqNSKMFYYPe8N4Ix4Hy5w9mRwoKkN7vFSpRk15TSPDNhUaAQZq3G52JGfyETBFK9Mnq6s4bJVDujnKCbPjN3NjnZPH9vIjKZVsbnqwbQOtH2VOsZPnP-IlDy-yerVVQOXDAcod_DxUEKIDMzVZ9bx_D_VDJbSUj1JBwL1xu4zjTvAw8CFmmw3p949vfGLoqvVCXJXlpoykuU86EwW0gUIePSF8VDMmvXg6JUMombjpM82PjSKNh6ZnOiJv6UXA51mAAe0coPPw5uMqkMTOabYoT3kbx03_SJv51eacsxyISWR0baze4Ikjox_LXDfh4hux1QdrBLAV70F2nro0CAoM_jeqKlOa-CLrB0wU_8u88scxc7xLZyjTejf4z5vfSeLtiG0KtgVBKfoAWRVCx_yb2_WRvlEtZrBi_bPh9-cd7PxTDl2AANGT30bV_vnGvVkXtAgibDDtjZqdE_mUCJfi2SFvpYBVqqSeIzD4ROqaXTbaDcxzB9BS0S46XGx7Nu3974U0irjz4K_KolPGdsR3NO_qVkOTOi7jFNxKOj-7e3inUXoSjyO6-wwgOX3Si8CQ1NOfc7VavFF8cydIdEmcGxhrUVKeY9LEUrnETTnMd5keFFcOZ01VcoOQhIwqrFOiKD60vNBngUmXAUOIrUTIyxtxBJJ2yuZfH9-rdwEOv1dTzNvSxmE-uY6NXCKoeszWI9YDhKBcy_PL8KQCQth7eYAgGbd7arjn2YHYg4I41Vfr0AGVGHUGPa_OmRRC7eTpJjpn8ax_BjrIBM08S6jKsxx5gSBrtBiQnzyKIyCJnC_rjG_lzTOaXpV_REOR_ELqHSFIDiuyKApeiKxD6mtMTSBgdHACSIE9OlZLfaTacn9F9XlMPWLYjRz8xR6nPPj-nMj-xcBAQ_gKGNCwceZ7ypVzifjxWCme9u7Rg4PN_apxnA4FBdyKTYPIp2vtn89R8tSrNQ0zLb-Gn_0owWx-XfiwDLAYdobkmCYnLKG1Yy3R2oHMItvc5oxz7jEIHX0WNYq5Uoo0zNv8V25C3K9nqYBkS7Sl3au0uGTjjg2coDdnN7CR-pLG03ykN66Q-ktfL6esjykb31iqnqzof0UWvwHUZ1rtK1z51rcSkDmFLP2PFgzxYufEC1LKNMBPBIorI029hSXB8ER8k3jK5-2RTvGUq2q4s7wa2HiY4MsPN-mqOQ--qDJMB4IjngPlnOO0Tli9P5MpmjccL5gKTBTFnlXatyG9PSmqArng0JaLEklmHfSrPMcoVfl8J-RsDsbc4_iIYsgvB4TR2xGC6EnRAGFXGnH4uq4-cSjSGOe_s4lQfBxEmm8gIp8U0Ko9OmYK7A3y5eW7dSqYjAq_r7QCHopxfrVx8Ad2drKjTNYM9NJ0_1CTMmULApCZ7mONePDGwreFOcE1sEeG4lLChOWV7ckJpzncYy4sUpkx41OBcwArlSHZKXoyAAPHWRRX64pubSscWEHQ2qU5hp8_YVve7oQFNgucbAquWEEGgxufRQ4FqkYGxycFkqD9rVZGTSbm7wHrLQWuwYfvtaam7u0wHYrl4IZCnUG-s1A_DcLTJWqV_XwrSwwd6DJfLakc0nb4Lw9ZLxu9ottzbgg1ta5Om5bT1GJ2kBjRmONOg_ps0g-5uTtv9c_waBWxyCkbKlBwya1KjxtDofekLf9P3OIXPtgvFz5A5nTWqr1TftWsTLZxqXNWEjJIf1fdekNr9RFhzU7-9ieRuqtDdyMA-tdI9X4e-OdFzmh8ubgsh3-1uPhVsxNw55Iy2sM9bgos3sDMBSSGqNrmfadCZ_scrr7b7XBjzL_yDe5oRjGqgn-osVeEiCaedbxMaCHDF3dkFvtt670yURDV-PGeAxRIVVjIa9IUbzIY8OWhBb1xIU8IOBD6cvwWdMUPxZVgNRym2kYsHIahq4Zz4WfnUyw2phHNpIwLQO4f6HhXMPS1G2K2KCml7ZOIY0Q61vOuoPIsKxJo5tpg2jsReMDaU3NtC7lOD3Us328tjDCe4ZCRaW6VpYR6NC2QakESAAh3lfoWtGYilElpahbzEHTqccMD0NatGEhgWWZkmf0tTA7rlomC2l93djiy4udFOEitLmFdscxrtGipTrhS0Po287IqBlxH38yDx8XkbAOWsZLgB_Ek0TmfFAc7_oEDD0pADXqXPX9Vit-S5E20nuxyvvoeYix4YeruY8J8l4fMtzv-Ck7MN_s5uwfmwqMtZiodj2swTzWJPeuWfoCwpCkdNZe-EK2zJq7lhztMwZHe81p7ONbg8rEaEpTMAo4yvRHF5nhlFWlzWdXxoFOmn3Dp90LLEt8lYl0i2wL09PICxm77GV9j94mKMGLNXnh9oxWio-Q3uqwLQuo2r_ZHkhDe8p1G_6FRQHpMvsi746_4PHMd5NygPT5J58qjFNaSO31uan77foJnr5rpOLeW87n3L2iW_VReH6zzFK8u_nTmYQqzw3Qx5V4X681V0KffhmOyNUR9tVxZoCrmZsMts85QN6c_1f9SaTD7bZUtD6z87uCy27f07AyfWdEDoJYGO7i6GM5mOCFGZG3zQfAFKATI&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=4822338309419823000&adk=496764934&idt=153&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 10:27:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
15481
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 13 Feb 2023 10:27:46 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/ Frame E9F4 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230124/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AR7Ln7L3YtFXFw29piMNjk_CfdYqOBQSucf7Wu0slOUIM6mlDTy9thdbXT1PChqniDtJmNXEloWFsAx6CbFVejYa2OQL-jc-edjqk0XZd-S8JXY9lHJbUCiePhQDicb5VYgZjF4FMMFRJ5pnl3HrVFj8AsMnK6P3vUPJPuuUBUJMC14Ck&dbm_d=AKAmf-D7tpzpfy9aY0y-LEjRV3EoTS984lRE5zrJTDMvKMa6TRubPHiS6Jm4uGqK4sMSblDZUFeCdc7nizpEZOZYwfvWenJ9MRyJgKhhIsrPl44QD4lEXs8QAmCJBykW6z7Y7DZ0Xn-bG6vJ7v0xTOiPOTtDtwwHzedBo1Vq9I9Qk9yj7vMe2exIVqLl_SVtnn_Mj1sFmJVljVGXpY1RXc1xCpUQdn28rfeQyOP1UhVpTyJMUuT9agYDcaLRMkZlIIZsKKi4K2VrW5c-1ik7lgw9qvgH_9e5sIyLZuibY-SVxL7lwOzSlyIyBAYBQzxk0dPXHKDu6kiB6_nhkeJfMr9u5Ov7kqTqdGUT-yLi40EGTGLjWS-jcwQAThvNpH8OQWKLa-LW96ODSgapEhE6J4MhntJ7DlXnwpJFaa-h5cObmGxv-QdmrGok7ZR8R8AF3T4P5DUzH4tWL5vCYZg_Ew9fFl_sAszpkWZiHvFR9SB8XbpqhblRbi-Q_kSjJl-hN4MglfSjz2Vcd5tqK_iqk--xJw-rrhNZPapWSAIk9RLcSN8x121QD8SK3nDDRMHbOnfz5zjfrCPheWiw3nQb0J6vKgv6XmgYl8PGiz_PX1srHgVrIcZH6xqfYrGHN4OgroAk9VYeXcZQ7WfOPOtoMrxO6pmaiZ3q4YAtFZp6FvOvZAEbU_KXsVSE3P0LFJLFxrR08C3X_HN41MXnlObzhh_KCuiKgSI698q9aJNW3iktT-ORLmHYJeTFKMGdLOffxf3PhOg2koTSmsah8CfUFWg3mtdhWi0b-YhFGWXENchlqTOB8-lo3f_ia3XpOZNeBf28Q23perS8LAbTZZ4F72P9qkoudijlRjh2hpv7ytzC7cojM6mlIIYXNPqgHuhTwpPumVRKbxnLXP80s8WkkEsWqxagk-macQvq5JCfhiFK6Uk0zVS2mb1VW14Lx63KZU5D4IR0y2mc-wLGTkbRjhdE2QZ6R63VZt4B-XXuuvEOs0fpuUZVoRFnItcVDUNxofJg7rpKGSYy99kB24Z6mrth1qIRw-BwW-KbXwKVjGqNSKMFYYPe8N4Ix4Hy5w9mRwoKkN7vFSpRk15TSPDNhUaAQZq3G52JGfyETBFK9Mnq6s4bJVDujnKCbPjN3NjnZPH9vIjKZVsbnqwbQOtH2VOsZPnP-IlDy-yerVVQOXDAcod_DxUEKIDMzVZ9bx_D_VDJbSUj1JBwL1xu4zjTvAw8CFmmw3p949vfGLoqvVCXJXlpoykuU86EwW0gUIePSF8VDMmvXg6JUMombjpM82PjSKNh6ZnOiJv6UXA51mAAe0coPPw5uMqkMTOabYoT3kbx03_SJv51eacsxyISWR0baze4Ikjox_LXDfh4hux1QdrBLAV70F2nro0CAoM_jeqKlOa-CLrB0wU_8u88scxc7xLZyjTejf4z5vfSeLtiG0KtgVBKfoAWRVCx_yb2_WRvlEtZrBi_bPh9-cd7PxTDl2AANGT30bV_vnGvVkXtAgibDDtjZqdE_mUCJfi2SFvpYBVqqSeIzD4ROqaXTbaDcxzB9BS0S46XGx7Nu3974U0irjz4K_KolPGdsR3NO_qVkOTOi7jFNxKOj-7e3inUXoSjyO6-wwgOX3Si8CQ1NOfc7VavFF8cydIdEmcGxhrUVKeY9LEUrnETTnMd5keFFcOZ01VcoOQhIwqrFOiKD60vNBngUmXAUOIrUTIyxtxBJJ2yuZfH9-rdwEOv1dTzNvSxmE-uY6NXCKoeszWI9YDhKBcy_PL8KQCQth7eYAgGbd7arjn2YHYg4I41Vfr0AGVGHUGPa_OmRRC7eTpJjpn8ax_BjrIBM08S6jKsxx5gSBrtBiQnzyKIyCJnC_rjG_lzTOaXpV_REOR_ELqHSFIDiuyKApeiKxD6mtMTSBgdHACSIE9OlZLfaTacn9F9XlMPWLYjRz8xR6nPPj-nMj-xcBAQ_gKGNCwceZ7ypVzifjxWCme9u7Rg4PN_apxnA4FBdyKTYPIp2vtn89R8tSrNQ0zLb-Gn_0owWx-XfiwDLAYdobkmCYnLKG1Yy3R2oHMItvc5oxz7jEIHX0WNYq5Uoo0zNv8V25C3K9nqYBkS7Sl3au0uGTjjg2coDdnN7CR-pLG03ykN66Q-ktfL6esjykb31iqnqzof0UWvwHUZ1rtK1z51rcSkDmFLP2PFgzxYufEC1LKNMBPBIorI029hSXB8ER8k3jK5-2RTvGUq2q4s7wa2HiY4MsPN-mqOQ--qDJMB4IjngPlnOO0Tli9P5MpmjccL5gKTBTFnlXatyG9PSmqArng0JaLEklmHfSrPMcoVfl8J-RsDsbc4_iIYsgvB4TR2xGC6EnRAGFXGnH4uq4-cSjSGOe_s4lQfBxEmm8gIp8U0Ko9OmYK7A3y5eW7dSqYjAq_r7QCHopxfrVx8Ad2drKjTNYM9NJ0_1CTMmULApCZ7mONePDGwreFOcE1sEeG4lLChOWV7ckJpzncYy4sUpkx41OBcwArlSHZKXoyAAPHWRRX64pubSscWEHQ2qU5hp8_YVve7oQFNgucbAquWEEGgxufRQ4FqkYGxycFkqD9rVZGTSbm7wHrLQWuwYfvtaam7u0wHYrl4IZCnUG-s1A_DcLTJWqV_XwrSwwd6DJfLakc0nb4Lw9ZLxu9ottzbgg1ta5Om5bT1GJ2kBjRmONOg_ps0g-5uTtv9c_waBWxyCkbKlBwya1KjxtDofekLf9P3OIXPtgvFz5A5nTWqr1TftWsTLZxqXNWEjJIf1fdekNr9RFhzU7-9ieRuqtDdyMA-tdI9X4e-OdFzmh8ubgsh3-1uPhVsxNw55Iy2sM9bgos3sDMBSSGqNrmfadCZ_scrr7b7XBjzL_yDe5oRjGqgn-osVeEiCaedbxMaCHDF3dkFvtt670yURDV-PGeAxRIVVjIa9IUbzIY8OWhBb1xIU8IOBD6cvwWdMUPxZVgNRym2kYsHIahq4Zz4WfnUyw2phHNpIwLQO4f6HhXMPS1G2K2KCml7ZOIY0Q61vOuoPIsKxJo5tpg2jsReMDaU3NtC7lOD3Us328tjDCe4ZCRaW6VpYR6NC2QakESAAh3lfoWtGYilElpahbzEHTqccMD0NatGEhgWWZkmf0tTA7rlomC2l93djiy4udFOEitLmFdscxrtGipTrhS0Po287IqBlxH38yDx8XkbAOWsZLgB_Ek0TmfFAc7_oEDD0pADXqXPX9Vit-S5E20nuxyvvoeYix4YeruY8J8l4fMtzv-Ck7MN_s5uwfmwqMtZiodj2swTzWJPeuWfoCwpCkdNZe-EK2zJq7lhztMwZHe81p7ONbg8rEaEpTMAo4yvRHF5nhlFWlzWdXxoFOmn3Dp90LLEt8lYl0i2wL09PICxm77GV9j94mKMGLNXnh9oxWio-Q3uqwLQuo2r_ZHkhDe8p1G_6FRQHpMvsi746_4PHMd5NygPT5J58qjFNaSO31uan77foJnr5rpOLeW87n3L2iW_VReH6zzFK8u_nTmYQqzw3Qx5V4X681V0KffhmOyNUR9tVxZoCrmZsMts85QN6c_1f9SaTD7bZUtD6z87uCy27f07AyfWdEDoJYGO7i6GM5mOCFGZG3zQfAFKATI&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&dv3_ver=m202209210101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=4822338309419823000&adk=496764934&idt=153&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 18:05:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
74394
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10810
x-xss-protection
0
server
cafe
etag
8766511519597269738
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 12 Feb 2023 18:05:53 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 1D8E 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 01B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEDIhAAAAAAAA4D8wBAoNEDMhAAAAAAAA4D8wBAoNEDQhAAAAAAAA4D8wBAoNEDUhAAAAAAAA4D8wBAoNEDYhAAAAAAAA4D8wBAoNEDchAAAAAAAA4D8wBAoNEDghAAAAAGhm9j8wBAoNEDkhAAAAgGZmIEAwBAoNEDohAAAAwJmZIUAwBAoNEDshAAAAAADMgUAwBAoNEDwhAAAAAADMgUAwBAoNED0hAAAAAADQgUAwBAoNED4hAAAAmpkxhUAwBAoNED8hAAAAmpkxhUAwBAoNEEAhAAAANDNvhUAwBBIaQ08ybTBhbkU3X3dDRlQ3S3V3Z2RiSTBIVHciHWdwYS9tYXhpbWFsX3YxX29jaF9ob3RmaXhhYmxlKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8F9D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75634
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 17:45:13 GMT
main.19.8.385.js
static.adsafeprotected.com/ Frame 8F9D 		200 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.385.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=18636685641&pubId=1&placementId=396814515&adsafe_par&bundleId=&dealId=&bidurl=https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 21:29:24 GMT
x-amz-version-id
VUpTdNSw556u8DTxBoj61VmLffpEPAG9
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1012584
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 18 Jan 2023 19:44:57 GMT
server
AmazonS3
etag
W/"d4db5e05b3c00fb6a3a262869af20f38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
KqUcaTO_SdSVcwWi_gPuQ8mcd92TRFkZZKtjvQ2TVAOVIQ95CY254A==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 691F 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 8F9D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
851948ae6cf918c32a36102d7fc1f0bb6e3a8b416e1692e581b648c09c961ee5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60B4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDGxhcmdlLWJhbm5lcgoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QMiEAAAAAmJnZPzAECg0QMyEAAAAAmJnZPzAECg0QNCEAAAAAmJnZPzAECg0QNSEAAAAAmJnZPzAECg0QNiEAAAAAmJnZPzAECg0QNyEAAAAAmJnZPzAECg0QOCEAAAAAzMz8PzAECg0QOSEAAADAzMwkQDAECg0QOiEAAADAzMwmQDAECg0QOyEAAADMzHyEQDAECg0QPCEAAADMzHyEQDAECg0QPSEAAABmZn6EQDAECg0QPiEAAAAAAACIQDAECg0QPyEAAAAAAACIQDAECg0QQCEAAAAzM1uIQDAEEhpDT3VtMGFuRTdfd0NGVDdLdXdnZGJJMEhUdyIJZ3BhL21vbnRlKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/14981401267596077774/ Frame BBE7 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:48 GMT
expires
Tue, 30 Jan 2024 14:45:48 GMT
last-modified
Tue, 25 Oct 2022 17:10:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8F9D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc-hafOLq9W1NaJSKc8wBBbLj44nNeb9BJ6TkMUHV_shpO64DSCu6obA12rDQy3tDGE5saX1WaZtZdj26sWrgBak4rdtL9c2VlPUL-yz7Slzmoo3abdfVyZwbYUblU8JMbRjworPT_cRSHA_pcNBiGci1aS39WUnHYgEQXYGG7CsWlnsgI-zxcgVtT8ygPBtGsnnyWBwpDIWlloMg8iBkOsvPTAQZLJPNl252VZgVbcbCK2_kwp6g9xUwWlN2EhA-UdQAQH3HImZ4ltt8vG2_YZryOsXafx8fwGHTBYMZcgzksJ4fGRONpdltIu0zbj8CWbowvordBq63CTkGU9e380pPO2HxzHBQFKWt0wJLFprMYkxqmChNouqIyZOWGolzhCVvhl_QRF8cxgM1z2rA7xfC4bfQ-QsKVzZaNPwSDeNqre3FATgySYNAGDT5m2tGMAvhqsRJeDxYqYg8_8XPykn6lsuJ5oa8U14ViJ590xGcMtN435khglFPDcGGgb2dQcwsfRQt4vTtNVOb_3dmy-hFSAUZKPWHivdvoWBnoZH6v6q15oWlm75yBl1zBWVc9tHZTqfnx8Mqy1iISJDPZvXxPzr7CXNry09uSrQy-_0dsPSfnVQfmlXHCmdKRoR_bidY68BAiJsbawlynXINtUJRN541uUP68mmJTmytF31F2Hh5xq6nJ6JFePDkwP-89i6iN0pS7QnIGbzKrOcXDqDPhXjxEJgcL4pdxYz-dCw672yVVwqo2oUceNnZgTSLNPTlBeJcBa0WwWWB1eUPanYtauwUIv6Taf1mZet7Pg_Di74DH3_cj-tP-0Cg_0W-0MVJxMJUM0SL7jwcQaErdVS0OVcMFtjFuBvZLX3QNFKneIHS1VXhLUIB1UEOKRMCwqPac3iQ2TNut-NHHlLHfhd3EYP11uWdwto2HSmbH9PXGbl4yQDIuRKVd0PmQoS0hU6eePUGbrGAfpoOY-srFfUE_8HnGeHlS7x7SfhRn1AndJZY8ZCEiBaw17FeFB6n5wmcxuIKWoKpGxqmUoPNQbBnkqgh8S1HmUoEs6cMsYXw2iH_AHp5T2szpo4-gpN9gB-hiPYicnqElcxL25Wo3laG-2Fv7-SP4J_pCuOTQlj2ENxoUmdsNufh32nQT2od6dS2fu7GM2r4R6k09KfF17w_dVjKRu8e0WWHptQqz7BqPJg3TjMbFnxWapJCo4fXPalyeYeb-DWuTIKYwdeW2UReQkn62NvS4QXE2xkqPIxnZt3fZqjzQI4UYVBfPZc-n9q02GcA3IEecI49NMAjkdZu2H0cGUmmriU6A3GXb0hMW90-OpPk9&sai=AMfl-YT0UjE0EuCjZJk2uYrHbeFFIwCcxfQSBvhxEqnRbqNWV-eFqoy9qnHIcC2-LOxCCAv5A-nxfEkjsPYE1EKW-1FXe2-O1p89GBy_G0M-DXOUID0mXWhhF0efolYoZ5cYyJJ_RHS9qs0jwZYcg3d_ExigCu8T-lRpx7eD_Bb6ur-4KsHPjkr8kdd_-KWBGrGwd5Mwpzzz-X0gpeQ8g0LYAdLoGAaq5tDP0q1-p69KkLo3t53Q8QQGUaLn-sq3uHFsCGeNWe5aYH8&sig=Cg0ArKJSzBuzPxADK1KjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=297&cbvp=1&cstd=292&cisv=r20230124.83871&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
ai.aspx
m.exactag.com/ Frame 8F9D 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180662177&extPm=322787525&gdpr_consent=&gdpr=
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Mon, 30 Jan 2023 14:45:47 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mo, 30 Jan 2023 02:45:48 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A599 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoRCAEqDXRvd2VyMi1zcXVhcmUKCggCKgZzZXJ2ZXIKFQgEKhFteXNpZGlhX2FuYWx5dGljcwoNEBQhAAAAAIAB1EAwBAoNEBUhAAAAAAAAMUAwBAoNEBYhAAAAAAAAKEAwBAoNEBghAAAAAABwiEAwBAoNEDIhAAAAAGhm5j8wBAoNEDMhAAAAAGhm5j8wBAoNEDQhAAAAAGhm5j8wBAoNEDUhAAAAAGhm5j8wBAoNEDYhAAAAAGhm5j8wBAoNEDchAAAAAGhm5j8wBAoNEDghAAAAAAAA-D8wBAoNEDkhAAAAgGZmI0AwBAoNEDohAAAAAAAAJkAwBAoNEDshAAAANDOngUAwBAoNEDwhAAAANDOngUAwBAoNED0hAAAAAACsgUAwBAoNED4hAAAANDM7iEAwBAoNED8hAAAAAAA8iEAwBAoNEEAhAAAAZ2aCiEAwBBIaQ095bTBhbkU3X3dDRlQ3S3V3Z2RiSTBIVHciHWdwYS9tYXhpbWFsX3YxX29jaF9ob3RmaXhhYmxlKAw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/9f1a5ca513cd67f408268f629c2a8fce.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D727 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012401&jk=1013356184984728&bg=!wMOlw4fNAAZSrDxfcqw7ACkAdvg8WmhE-51yJmhZClxYQm_hTj-zQC3hMxmmDUxqbE_nQHwkVIvGfgIAAAIMUgAAAAJoAQeZArnRMTk7J7ySCv-dcU_szuQde9o0gWGjouuispewC1o42tiKJuanCaEpRxUPxnc8KfdB2vvBWY4qQTA13_rVoQ2P4_NTRGNJTDh9NVs0N3aFdn4nqa7Qur1RCVoMkJ0txj4Knm9l5_xFEBARtOBIJIyAan9zXRia6YMv35WMmOX_wOJf6oHVzZNI5AIgjMVzE1U0RnwklsY-NYQFKwDg-O3GjSh2GZpcwlGpxV3ULwAmcrNHiOTDUudLT8mTP17n68hi3JrBjmXzxVJCTS0Q7j9E5mNDabSjP_eU9u5HmvnQYItzysCCDWcrH494oThMFvV--wa3Yue8-V4Dg2miK60boQIUaGimM87vyxSFZkAFIxTzurYLLzuUWE65cmY6rTBrV8lIqE9tBtR-_TsIGD1zcevgYU208m76y66J44P3jiSp0xOeUTYn3s1JZ6KNvuDpJhpHI1vYXoKAO9NLDoKPsfbanB5sqpo_WUHxAJkE6XbDTm0-dZfzOu3qf3TMD0jNtrfX2kcAkETaHhrHGLboNqvgbDxY25717OlSUoefgek4nRZgbUXwD_YGKYTmTkV1ioTyAlbJXiwUOmxwRWl36arGgKv1p7AM50KAFcZW1cWAakD1fzS6TRV0ZXTu24uIZKm91MtzjbsTPRzVUrJNzBr0kYr2d-p1VbQUFJ8XhRK_yjUEap_dpEKIJBgfnCx0NUuJL-tMIktRDqpGMq4H33JzMpSqpSKt5tcMdcfQ0TyrW39Fj_N7rJSXqylARRLxoqolUFuX27aXRhBBtx4LKERQPHZ9sHp6uQQfbM3uib1PqPuq6P6uhuKzSVskUQaP0SWO4KzjWfVl1wVwBeLzdn9Oe3q8Om3UMKHyAbC1iFYifWzG4bUa42yMMe_fvqhYkPKUAVWEVBvgMJwXM0Q372ae214jnts6
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 10B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 17:45:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B538 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 10B6 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5397fb67e1dee10994debb1ea89ee478cabfa07db98fd5582f4d6f6a8beef506

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/ Frame E15E 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39236128fe5c0e392d70d5f7408240e5cbde2a6458e70e025b5c50781aee8270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
167601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1679
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Jan 2023 16:12:27 GMT
expires
Sun, 28 Jan 2024 16:12:27 GMT
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A135 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQTfQSaBhEWo0_5v7CdJESIQk2DUujBpJ1B4EQT-jXs4AS82J_GqxRFZ7z-zK6ryr14eoXxtmmSXCi0pfdjGYPUkgBehUTfNSkRwQe7GKTKykGlD8cE1TG63pEI1Mq77ryYaGQJqaYkGCidNcGQvBHZ7FjqeDhyk8Nil3eMA4KLexbA2eg9Qr_EDnls65XWDaM6xPJ9O29Eb53oEXZQQRGPMl64LrCOxxo0tNVdFBYou-e0gvgcgox8TcS8LrfbaPLljuLC_9aIqjzbfGnj7FkAUQ54doBz-i755MZHp0EYtwY6McblTumYlIWOy-OIbGuEa7QrUHoNYNtHyMDaH5HTztrLrB6q3uK8jA4huqNENxS5e8ivqYYUbaFp_9rwZ3v4hUa1kn2uetUNJeaYRn7kLqOMMubrO3nFRqsKH_yonCnHHtyNCI1p69J55FSmP6Ff7iVwcLzRzpl1YtY5YqMMHQa7iC5revIdaV-8b5nGdpXL5goA5pcJP81RgDPxGKDr2CXKcweZqSZW5qxOCW65Vztu0mBORxaVESVoN2FB7q8oJQv7Dk3o4l3vmwyEBPpHtm87-GhwLdr7PVvs2bkXfWy5aJFO6UgCLUOCSLsxx_zyIegqgx_oyzNhc4i28Df8SL7QdWGd85mvxEjVjto9pHJ6Ogw4HWt6nZDQcLns3TkC3PoAWT_FWOeyzeQc02iNFJX-7Vj_vxKI9e0q8vHKhtozA-gBlmb_JVAkKOMRd4ZEe98yBZBgHJmQt4AV64gbs4KlOk57mzsBbC6U0-D9uHXM98Rtc342tv3_NpBanlXEwsDU_x1tGzXij4bM7_sTEwRmMlzO-VOGf8qtBmBQOu_RJwz0M0gQ7UP3CEQ9io1EVQWiD8QjbbtDPpbZI9UpjDLZFQ8ReVctq9TFhk020zlwjyArvy24xXb14QKC5Qfj-uQJo268moAMgrqwa3g69VatG42efnm7vmnxYVv_IVaH1F905l4MhuSpRAzOib8w3oyoplFzaxUI3Vil60PIaH9zB3a-xmhXTAoiQn0T10fizAAghV6w3i34LSHe8Pid-Ccl1i9__69-dX-HmNDBkMI2A2xTa0vVA2rEDG1U4g5ZQ6n7T7N6ZOoaY63moHHmJzmnVoXu-dAfb9petxU2Gu4n1GkAIyCTeBxRdNtIRtDQxLl70663XEFw3huVQkKQhhf2alhL4zkuEaltPuFy8Cas1gLcF86tYvErdzFf9jFuMONuPI5IeBkazpL7ejp0HeUjmNkUWSkhjOFGk5a-s7ZLlsa0FzhCLIMVItR3Sl6cgraR1smUOzSFIPkibg91inE1sk4r_D4iy-ExKf5IYOTNymtQe65EQXYilcsJsfeliRLlXbe8Ue3AYc43XY6G4HMZnaAeqmQGRwBzbWbYMxg&sai=AMfl-YSwh9iXJfP56lvEb4do5aG-D0S9nkWJuVvEi5oiQM6wiOVwekQDSIbOaFig3sTBjxNgaLPzL68LQvOl4HaRA42P0w6v9dgKkV1caamgOjlE7jFuTp3ZlY2QNsU73tDLlIKH-76IOdgAJaj_RrqZaeCnuuyExoxjIBNDOqEwocIGbatm4wYDOMTTcnTKEQYoOcVzX57cceWCbwNGf42lgSDPWSq858LYVStjoqg3DUyZ5yrFbYseSvFvvPzApf6yrGBXU3Y9ZN0&sig=Cg0ArKJSzOT5weNia2CnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=298&cbvp=1&cstd=295&cisv=r20230124.82079&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
index.html
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943bffe44175fda268b40ed3fecfcf77df13d166786504fa59f30567319d9a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:48 GMT
expires
Tue, 30 Jan 2024 14:45:48 GMT
last-modified
Tue, 10 May 2022 13:01:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 10B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuSX4Lv62h49SumgiLCc3ByrsI6BLkXKwp65_11AUmDoHCpDFtr0eu867Vx88RQDif9T28o6x2j7h5wuXOO7VxH9wKsZucMd6N8fGmJOJrVQ-b5Q2BnLwdi5baE-dXges6ojCuTHik0H3kIHSaznmXnWRBQRILyoUJLdyjwSmWEdxLsDk-fGRYx4uPaLfnZ0VhHd8-G-LQ_D6DbA25BZk7Gy5wtHePdSn0iBz8tBh_huWUWwKiGWja7dF59Blycmq0nRWTWI4qMqOSs1eWJtpYDVcM4oFed1jLqNPyS7fS_CvrRMBiulPT5SaL21SJNP6wsEXPqT0cKFCkt8qHLHYgVgIsHqzNJjA6RTOsv7wIzrqFIJyJ9YM0XVTJYvHk4gzx4KbB2G0oKWd4hor3zJ6A38m3JQSpRwl1whDgxmWiCy7KGk8QTrI7vvDhxShN5cY2w4yTQ4cDjFT1mICq_ruo9Q2HNeAErxg3A8gSaEDjalay3firNnVQ2IUoijdlpYoCMCUcEtMRj1ue0sAofpzovANUmdt_QQhIKz0UV4yUcWhB88ulDu9xuhYGPFUZMuF0210XXQJu9MwKIKPDDxHVQKxGP6nQPXPOnIkH-X9vJRJr8W7MfydtnBLFAD6485tH0SHcy-imwcYFcJFFO1rdWyp2QbwWVTKWnN82yIUwXBai7r4bYp0Ss1URgVzfjVGcUK7yenSPmY0DwOznbHwBOWueMd43byzGQcs9WotrMeHcpsK6PQmPLYyP3JviMzzL8tMSk6ChGsixBwuimmv0dZz4h2BCSvsjZQSypb1r18Pt506j5y3xV2I_zQsirknQO9LwVdmgo94tI95LACKAmZEmbKILp7LcJeyY1iZJG5UtorJlnx3XFVygbX0B5dyHKizh2sVVvB6ai5aMzVsrQ7ET9MaOs3qpSNRy3PJZz9INla_uqpPAQ166CNc0q9qJdWPMRnePH7_9BOdf0Zkgua3HzmEByrNImeiQI_IammRJaMUwxC2ceXDCbzzo9WZYceJebSaCgzKbG1rsqeKzqmXhw330K095K-yOcVP5Nbu_wuchlPJHcughueAURS9Gz9-6mJDKrGK5zLBDl7GFWOROQ6tYI2pH1-CJyqyMNnKETukb5TYiZG_8xRp-dbBj5RZDvFXlqvkSOAnOwII8eFTNqZsDRukpJtc2RKBPowzOAxw34BWfnB430EO_oXH4-lZKI1nf1w7JXftKj8oMFJzoZlbJPlV6fa7icHUYeehhEks1yYNFN2f7x7ZuzvSm3UZO19qNy6tJN5H0vnwP4E1GyEPiz2DGlQ5c2smgUKMFbg&sai=AMfl-YSVsq46ufIJ11ZD0MB2xcdxNEr__0vqkC5tjAhz9gEmeE1P0SIkqRG7i68l_mPiEMijueMJa7izAMv090z2rvBtLwuF4I9rODbGgWrZqaxhQTzYMzh_JiEvy9CnL40KXPR2CDcM5_Bqf9mokK_Tf-P7wahqovHMFHPh51QvwOKBdz_j1ZjLk1Xi8F4iTUh9t35X-f2UwgI7fKMWa_wZ_jbJ2Kaln4io_vSIAsub7ExATiMhfid93tJomMsELlrPmhoHsZIvxLE&sig=Cg0ArKJSzGLIVeIG_LTYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=319&cbvp=1&cstd=316&cisv=r20230124.05098&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A135 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 17:45:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 96F9 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame A135 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c476691ae3c0668e41ad1b3fddb8280efc392b875a22789694ed9ba52533ec78

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
4.js
static.adsafeprotected.com/ Frame 10B6
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_G9jXY5...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:214f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
date
Wed, 25 Jan 2023 19:44:45 GMT
x-amz-cf-pop
FRA53-C1
age
564037
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 18 Jan 2023 19:44:35 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
NYzQ4L1PqjtWr2SC9GovWIv_fMtBaiyl5eeNRmMl1siPYtvM14bKJA==

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
app13.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 0768 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
11315372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
K84Q5zjFtyWZTdljkbe0l8YeoNjHNFwjlUjn_Vbasw38H7yb1NPSCw==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C826 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 17:45:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1A13 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C826 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d80ced94f570c7b95e8d06dcad585ae9a7576602c7a35c9c59582f37f1c9251d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E9F4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 17:45:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75635
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 29 Jan 2024 17:45:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4AA3 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
9330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 12:10:18 GMT
etag
48472445140208031
expires
Tue, 31 Jan 2023 12:10:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E9F4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4167e61c11cea7fd5ccca2c28703558cd6ba227974d23e02286b6d09d9479fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/png
fiamp.js
ecdn.firstimpression.io/static/js/ Frame A911 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
486aba993e2ef444f041fd00b4a92a7793fbbcf1ef0c77fd4db43525ab82bb9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:15 GMT
content-encoding
gzip
via
1.1 a64e3ccdb085056758f4ef32e887b5dc.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2313
etag
"1b9a6-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
36388
x-amz-cf-id
YC9qj5TlOO2bLtO2obK7V5UNav29ol53JU9qftd82OdqgF4DV4DklA==
index.html
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/ Frame AB14 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39236128fe5c0e392d70d5f7408240e5cbde2a6458e70e025b5c50781aee8270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
167601
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1679
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 28 Jan 2023 16:12:27 GMT
expires
Sun, 28 Jan 2024 16:12:27 GMT
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C826 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZkEtDz-QFWpPmQMXs6ueR0pSYCn6Y6ZwODqNg0eHU-LG55Xu6o0JMKC5bmq09pnttnmh83MvdHswHGB66g_vCqR_tEhyr9GqhNXjursSFRHXbDiKHmMgHbTGHjHA-DdIDQntWsf22581o9P1WnA4AIcf7MCYoTCsBUrYl5P_oU_A87jvO7AhDaCSJscO7AjkmPztBwu8aqhJQ0Fm9b8gFsYM-BBq-NYXK98fEt_jzs1jcG5WsMSYDVYagwDnIKZv8lJLmgj-X7VBjwv6zZesH0G9HJ0Sqcp9NNEaDqAi11Bdy3V6yqgz6aOxcErqknVHmRCnsQnS4c3s2R9CPUj1QH1RkyThQMWXR_YAproWazSLhgMD21HBpLhf6JeA1fHocYr7eEDypOP38c6BR5qlK97WfQ4EVkfM29taK4AiLjtNHGQAAmUPnPIasURhcrYMS86EjmGetb4NriWO5zDW47S4yZvRBB30PGQSATc8JRIVxqCTVbkSDVd2ZdC-iRvCRcCNNdhzVcNPZTlUeRQbGfG77Vv0ok-cVyFSV1m75yLzPQJlnrAKmdU8LN377lOQoN-Ya0x8uKbAvksLfHWZmNqF_Db6hge5ZFninhSjLXbOPTPMCnQ3dPIB508FiKlZn3-bvUq42xGn5OvJXP4AldUlVzjTnU7eUXt3aRGiMm0mFvGy1WvYME95gpidx32YAG1Ih-t81SxCGM9UBG1Qrcp43Ugv11Y-_UmyC7mKnE0Ml22zuNL6aqND-fVi09xXtYm4vx7OyXONSilTTtVWjU9skvQoCOc0cMdQeGyI-4Ew4qm8ofwU_c0hlRdTbaCs_kPSXdcSp2mEAyJuE5OqH0HqlIXquYfT_wvOtxydZbBMPvVGLSBAAAs_KCZp8cYo6bxt2_zKo5JdqaVkGpJwxpmLfKyRzHJFXvxzglnu6ZJGKae9dSznrYbCLoFLdF1R3L5mn6tATzyOo0qkIIvvbR6jWg-wL8ciZRNehD2ybXCQZi0x0LMvZjjZjKAo6DPiw6x9wZHAgNG8OJvcaBySIWH5oTKl03MUOx2pQFvcaFQtHNCcyio3sr3mqvdErjpqvahAbv1Jd0H8CGsfHutvRikoeh4WSsHeo7HCftKT0cT4lfQ4_d9QOYUQ7qFPh9FoEb6SWX3FAhbj60rlRih-vhVDcRRx905sAQZ9NoYzmRraOUHlIbwZXW0YTw82C4vP3kIU75PD42D85AxoanQ_yh3w89vymc_uHsvc2ZSGlgQjIHu7YB5QdNVtVhMvAbtl-u0Vx_AJCo6mkQZBrMDjxCBwI7xHij4sLhOboaOHRTO4zd3j2SFBWKXRJxbC0sctggHVSY572PCIJaAqzpCxjoQM1obRUNN1lWwFLtbxilb4svkCRF1GKNhYehrs-xA&sai=AMfl-YSGBCQAtY7NEobXOkNqmXWtp8VzHwqCDIyq5yI7jcAogFt58I_G6B4SZ8UAhLKGvR438BbVjSsz7NoF50e44d3ELPJekkjmU7JZjwrvj81Sd0NS1369Qw86S2P69L3FzcxY3B-RyxEM1RhStGWFfjZYo-_wpJ9sY95BX27K5A0Y8MRabDqybyq8C8V8ru7vwJqDDXxx3OSAe1WfVvTyS0hwB-Y2JB9Z-brAa11vIwQ3beCjCfHGIEZudMAYQ-1p-cYI5kqzrsQ&sig=Cg0ArKJSzMAlB-v6mYLNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=439&cbvp=1&cstd=438&cisv=r20230124.24513&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
4.js
static.adsafeprotected.com/ Frame E9F4
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/886862/62195781/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=&adContainerId=brand_safety_G9jXY-...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:214f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id
zY2JBCN4YW7W9FILnhc6dvLmbr8sZib9
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
date
Wed, 25 Jan 2023 19:44:45 GMT
x-amz-cf-pop
FRA53-C1
age
564037
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 18 Jan 2023 19:44:35 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
wj_-X4n_wDR4ifsa2Ru6jqPWWx9OqmgKtIgpmtIyoSfYfSxU0cODyw==

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3D38 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
11315372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
T5kwFvjx_9haFnJvuWlmuMWYhx0dAm4yxSix86nEAeI8KP0Xi_Y55A==
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame BBE7 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:45:48 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame BBE7 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 09:35:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Jan 2023 09:35:36 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D3D2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
74393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 18:05:55 GMT
expires
Mon, 29 Jan 2024 18:05:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		21 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
943bffe44175fda268b40ed3fecfcf77df13d166786504fa59f30567319d9a1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:48 GMT
expires
Tue, 30 Jan 2024 14:45:48 GMT
last-modified
Tue, 10 May 2022 13:01:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame E9F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuM2QvhPouKp5IMcku5ZRRtyl0WFWFYwVHOWoYOphXK849JtEtb35scNXi2I-kav-9lXl5T0JsAwzXOX0jo-eeHgR_qT8YVfHFawxUs2Nd-m3jcR3ucMnuCA3N0xRLLhPFsl9qEaAmnvhT4yeH7QcVRWXVKItF-oNUApiXbIn4mkAtrQ6B07xYL_Lz99nQWCiKAx8awtq_vS4K8QM-LKMlo8e8TWvhZbr2ZvoVALSgESGPC-360S8jR6WCsv3ZIbYWmDtkRQpfrdt0imYg2EjphOMfSBs07xf2B7ZV-w7XhQfTCSSFJHD0QYD_nRoxeAiuY5vpFzut3Wm8YIpXDD_WE4nwgz22a2RpU7UQIRn84Vm3xjN_nRL2c3ZYkAj9nLWoCgscual186j7aXEtTtWVt4POHoUlRyflcRFXtyIbe6Ehkh53mg44bqb9De5sUJoMwf-55C1RqXrEmjVYswEDRKVuo4ahkrw93H51W4OcP88CxGHFnkokCf5VbVHVuYoL_pJ-3vs-46fbs-ImaK_zKv2lTwiOdC6dK9Z96VUzXFMuMljVr7dT35ogRoIfbSqMJ2x-wY7jiGZOG1cTWSx8EEotu4G7yKrCRX1-Yy-jREtNPxrhXDNVxrKNfbI7Nt8HGuSUINqP9iiUD4uzrSWuSUXoT5uODKn0-LnrZ0E4nBj09pcfrkLRacJDjbi7StbgQhW3gUuP7hxDqBzsu-_slKUADONMCKpTxv_L9U6_GXEcvrN3hdnK1sbUMnK-LI1RcUZnT5tX04nVJktdueYUFcjcJA6jOPNx9zBlao-DYoBnx4flC1c1cK5jGdrAdgjXlPimwYzzh5m2fUpdDZ0RGkxspxqyPp0mgpA8Zifoj5m18ys4Vy6c93rOug2HtVbf7-Zf12I5EsO06mbJCL5SsW5fKelH7PSKDj81GQ-BjIqbb7PqU2mu9yjs5YdG0ReEp-CUq671ULLMKwgTIS2O0fmoNE-deCdCqLsuPaCo3VZD8EDvsbBnPdxYOZ93XpSRUV_xi12WUsotCWAW3_uVwixeXcejx-ubxUk6fZAel2WMD2F-MtYZrrBbm6NMw0toemHTgAydiC6b9tO3IHgTzo-I9qUvXXbja5iZDgem4MV08om_gb5XMD4oTlzUv_ce4qZ-rQCjFd1UIVKIpRDCndi-Ig9W30gJK3doODOaBhdsoO-JE0kIzfCWqlRjTKFAvmECmUkNGv5ikR006uk9N4hQpYa54kXjhuaynBzi0pkwomn3HsYCp4vEKBd9XDN65JZsvTKGsPShgDIoDSOGEUtL5AvdpTUBwS6YieHSHGFlqjw&sai=AMfl-YSIWkzlvxuM7i7SOAQO1xyq4e3UX-CILZCRfNxJXWoe1yRveusHHbAiRlM7cIJOBvCLe_xiSnCeRN3aI4mi9iUh3zznDhB8vpoQvzzPSA9ASN-K5mlctpWQj46VBHce40-bopj9eiqBzWsEuaLEdOoRCh4UY2Ii7s9My7VxGhy9nnurylBLPfWL51Hu_TtEIK8JiPFuMZJMiBYCb7CtibWQOc0E3yCHxbR-siQPJxTwY-Na3eepCeocuvA_p12EvDN9lfFYG1g&sig=Cg0ArKJSzFBQ2vLlD3OtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=546&cbvp=1&cstd=543&cisv=r20230124.70665&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
pixel
cm.g.doubleclick.net/ Frame 691F
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBtB1VePVjlwjKZNjLSfcbg&google_cver=1&google_push=Aa02lx_73Bkmd1Xd7urzXRG-qj-wJMogI4imX53o6RQzaaw75ARBt4i5CEZBVC_fqpVAspMGFt7kh7ZSK2bO1cWyTenYjEdY7Q7NhQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_73Bkmd1Xd7urzXRG-qj-wJMogI4imX53o6RQzaaw75ARBt4i5CEZBVC_fqpVAspMGFt7kh7ZSK2bO1cW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_73Bkmd1Xd7urzXRG-qj-wJMogI4imX53o6RQzaaw75ARBt4i5CEZBVC_fqpVAspMGFt7kh7ZSK2bO1cWyTenYjEdY7Q7NhQ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_73Bkmd1Xd7urzXRG-qj-wJMogI4imX53o6RQzaaw75ARBt4i5CEZBVC_fqpVAspMGFt7kh7ZSK2bO1cWyTenYjEdY7Q7NhQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 29 Jan 2023 14:45:48 GMT
pixel
cm.g.doubleclick.net/ Frame 691F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEHt6er1rhLcuc4Fc4Od4WWo&google_cver=1&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78I...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx_fll7-TK5FEzrbATfA-9nNc8w8RFr6r5fo-Rur2dt2aFAALA0V98REMtYML9IQwscLnF4DHgxYXIxHTZUgc78IJfU6cWSwrQ&google_hm=YoCtvfNkReaneT0CWi0vOw==
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 691F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx_ZKBm2o87_ruSBDaRJq74oMTVDETAxoQvMy4qbGD5zFWYv_pmz8gHo1VmjWoVVFmpgEmTzscD1...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_ZKBm2o87_ruSBDaRJq74oMTVDETAxoQvMy4qbGD5zFWYv_pmz8gHo1VmjWoVVFmpgEmTzsc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_ZKBm2o87_ruSBDaRJq74oMTVDETAxoQvMy4qbGD5zFWYv_pmz8gHo1VmjWoVVFmpgEmTzscD1WLL0O8JqmBfm168ktL7vRA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_ZKBm2o87_ruSBDaRJq74oMTVDETAxoQvMy4qbGD5zFWYv_pmz8gHo1VmjWoVVFmpgEmTzscD1WLL0O8JqmBfm168ktL7vRA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dds
rtb.openx.net/sync/ Frame 691F 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEOuKgpH2rvtSJ64yF5nsBc4&google_cver=1&google_push=Aa02lx8rgsNXCoc7PhaQxsjsYzNis3GVOh5TUprRpT5spLAd7b22y6-LEAyufkBDFWtobqEBgXqXpJWB57HVnoSIzvwYLd0gAy9MyA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
h87tub2s6jmtb1tbe03ruvhbp6eb00f0
pixel
cm.g.doubleclick.net/ Frame 691F
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIB...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIB...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIBpay3C7yVP7Nsw&google_hm=GEsVqGZHJY088AojQkOc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIBpay3C7yVP7Nsw&google_hm=GEsVqGZHJY088AojQkOcurJt
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_v2NA2AKYMST1j-ncCATYhHZWg0NlzHNz4G-dYXYUlI_5ALhwOh-DLvR4psdz8YWngM21Dz715R44PnkOIBpay3C7yVP7Nsw&google_hm=GEsVqGZHJY088AojQkOcurJt
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 691F
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEMNbQiWLD6ixbiKb1cMME-8&google_cver=1&google_push=Aa02lx9Hx0ZlGwiRqW7qcCDra35sj5r6PF0SqCL9dyU6dy7cy-3BtrFJ7etB7dhw4iJIEZt0D1iRLCXCFhpwwQOWPNr9If...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx9Hx0ZlGwiRqW7qcCDra35sj5r6PF0SqCL9dyU6dy7cy-3BtrFJ7etB7dhw4iJIEZt0D1iRLCXCFhpwwQO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx9Hx0ZlGwiRqW7qcCDra35sj5r6PF0SqCL9dyU6dy7cy-3BtrFJ7etB7dhw4iJIEZt0D1iRLCXCFhpwwQOWPNr9IfAaVgy3AQ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=OOnRh276QmqDTfFtu4Dvow&google_push=Aa02lx9Hx0ZlGwiRqW7qcCDra35sj5r6PF0SqCL9dyU6dy7cy-3BtrFJ7etB7dhw4iJIEZt0D1iRLCXCFhpwwQOWPNr9IfAaVgy3AQ
access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:48 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame 691F
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx8p2njTYJLP5pCTzcRnKlE4XnxRKEYQudxM-vCizWtCJkiZm86eKxjxU47W0orsLiOs7kBKcuLwb7M...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx8p2njTYJLP5pCTzcRnKlE4XnxRKEYQudxM-vCizWtCJkiZm86eKxjxU47W0orsLiOs7kBKcuLwb7Me1-WE7MkkwOGzBgb8hCk
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 691F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JudV2eG0Jl07D6f87KsHs8g8qROrJOY9qU-5Yhm8mX8HHK5qIezhtworJ4W00bAbCLHl0D2Q
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ad.css
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ Frame E15E 		1 KB
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ad.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24656
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
465
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 07:54:52 GMT
img1.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 20:16:28 GMT
x-content-type-options
nosniff
age
152960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36078
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 20:16:28 GMT
img2.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 07:20:58 GMT
x-content-type-options
nosniff
age
545090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45194
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jan 2024 07:20:58 GMT
img3.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 02:16:28 GMT
x-content-type-options
nosniff
age
304160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36124
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 02:16:28 GMT
img4.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 11:43:15 GMT
x-content-type-options
nosniff
age
97353
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 11:43:15 GMT
txt1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 02:29:10 GMT
x-content-type-options
nosniff
age
130598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6882
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 02:29:10 GMT
txt1b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 04:57:46 GMT
x-content-type-options
nosniff
age
35282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5429
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 04:57:46 GMT
txt2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 11:53:45 GMT
x-content-type-options
nosniff
age
355923
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7176
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Jan 2024 11:53:45 GMT
txt2b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 04:57:46 GMT
x-content-type-options
nosniff
age
35282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3772
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 04:57:46 GMT
txt3.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 04:45:18 GMT
x-content-type-options
nosniff
age
208830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9401
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 04:45:18 GMT
txt3b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 02:29:12 GMT
x-content-type-options
nosniff
age
130596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 02:29:12 GMT
txt4.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 02:16:29 GMT
x-content-type-options
nosniff
age
304159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7513
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 02:16:29 GMT
txt4b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 20:03:37 GMT
x-content-type-options
nosniff
age
585731
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7018
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 20:03:37 GMT
cta_img1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 07:53:05 GMT
x-content-type-options
nosniff
age
543163
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3710
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jan 2024 07:53:05 GMT
cta_img2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 14:08:39 GMT
x-content-type-options
nosniff
age
434229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3821
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 14:08:39 GMT
logo.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame E15E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 02:28:28 GMT
x-content-type-options
nosniff
age
44240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4246
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 02:28:28 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E15E 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:45:48 GMT
ad.js
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ Frame E15E 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c64f55a5448751409418c195c34fdb8cab1dfa25b41eacf7e08f1dbab8c7555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 21:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2735
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 21:44:04 GMT
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=59db8558fdafc1d9df7585a50785a585_73087_1675089947358&tm=3561&eT=0&widgetWidth=480&widgetHeight=724&widgetX=490&widgetY=5454&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1988&oo=true&lo=1131&odbreq=2044&odbres=2423&mvreq=2710&mvres=4698&re=4701&cet=4g&cs=4&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:48 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
14b8d46bb46dd4740fa79fa098b9ddf0
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=ef5872fe797acde4929b0fe81ee7e96e_73087_1675089947467&tm=3562&eT=0&widgetWidth=480&widgetHeight=725&widgetX=490&widgetY=6198&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1988&oo=true&lo=1131&odbreq=2044&odbres=2423&mvreq=2710&mvres=4698&re=4707&cet=4g&cs=4&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:48 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
c552956aa00b76e980e3b71d0d69c9ea
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=fc897c5c24b8a5cccf8578b6fc4feb33_73087_1675089947581&tm=3566&eT=0&widgetWidth=480&widgetHeight=706&widgetX=490&widgetY=6943&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1988&oo=true&lo=1131&odbreq=2044&odbres=2423&mvreq=2710&mvres=4698&re=4710&cet=4g&cs=4&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:48 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
19797bb0e503dc66dd0070671e11d336
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
l
mcdp-nydc1.outbrain.com/ 		2 B
330 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-nydc1.outbrain.com/l?token=dd3be92068c1ead4f3b13ab78ac888af_73087_1675089947834&tm=3567&eT=0&widgetWidth=480&widgetHeight=725&widgetX=490&widgetY=7669&wRV=2010113&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=1988&oo=true&lo=1131&odbreq=2044&odbres=2423&mvreq=2710&mvres=4698&re=4711&cet=4g&cs=4&to=1675089943710&chs=1&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:48 GMT
Access-Control-Expose-Headers
content-range
X-TraceId
0203b195f5a75bc8056544bdc93bebb6
Content-Length
2
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
text/plain; charset=UTF-8
dt
dt.adsafeprotected.com/ Frame 10B6 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=32928a59-5cc4-c9b6-1caf-59e964cb6329&tv=%7Bc:2NaflV,pingTime:-3,time:292,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:292,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B287~0%5D,as:%5B287~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tur0IgD+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1i*.886862-62195781%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k1,idMap:1i*,rmeas:1,rend:0,renddet:DIV,siq:22%7D&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 10B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=32928a59-5cc4-c9b6-1caf-59e964cb6329&tv=%7Bc:2NaflX,pingTime:-6,time:294,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:294,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B288~0%5D,as:%5B288~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tur0IgD+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1i*.886862-62195781%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k1,idMap:1i*,rmeas:1,rend:0,renddet:DIV,siq:22%7D&tpiLookup=ao:www.zahav.ru*&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adlib.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 11:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1870
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 11:21:32 GMT
fonts.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		1002 B
256 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 13:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
227
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 13:44:53 GMT
adStyle.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ca835533fc4836f0ceefea006b64fdf2ff220e4af8c7f35f9feb0578ef1a963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 16:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425563
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1023
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 16:33:05 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 2882 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 08:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Jan 2023 08:26:43 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 2882 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:45:48 GMT
SplitText.min.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/SplitText.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 20:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3818
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 20:56:37 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 06:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10657
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 06:11:52 GMT
animation.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757c6dc6f0497810e93559029b21701920c7d217ebdd2a276fa308bc53fa7765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 17:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594742
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2775
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 17:33:26 GMT
dt
dt.adsafeprotected.com/ Frame E9F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e3ebd3d7-a203-0d8a-232e-9fa3dbe27979&tv=%7Bc:2Nafmu,pingTime:-3,time:209,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:320,h:50,t:199%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:209,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B202~0%5D,as:%5B192~0.0,10~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tur0IgD+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1h2%7C1h3%7C1i.886862-62195781%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1k*.886862-62195781%7C1k1%7C1k2%7C1l,idMap:1k*,rmeas:1,rend:0,renddet:svg.us,siq:25%7D&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ad.css
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ Frame AB14 		1 KB
494 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/css/ad.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 07:54:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24656
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
465
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 07:54:52 GMT
img1.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 20:16:28 GMT
x-content-type-options
nosniff
age
152960
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36078
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 20:16:28 GMT
img2.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 07:20:58 GMT
x-content-type-options
nosniff
age
545090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45194
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jan 2024 07:20:58 GMT
img3.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 02:16:28 GMT
x-content-type-options
nosniff
age
304160
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36124
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 02:16:28 GMT
img4.jpg
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/img4.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 11:43:15 GMT
x-content-type-options
nosniff
age
97353
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 11:43:15 GMT
txt1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 02:29:10 GMT
x-content-type-options
nosniff
age
130598
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6882
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 02:29:10 GMT
txt1b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt1b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 04:57:46 GMT
x-content-type-options
nosniff
age
35282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5429
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 04:57:46 GMT
txt2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 11:53:45 GMT
x-content-type-options
nosniff
age
355923
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7176
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 26 Jan 2024 11:53:45 GMT
txt2b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt2b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 04:57:46 GMT
x-content-type-options
nosniff
age
35282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3772
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 04:57:46 GMT
txt3.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 04:45:18 GMT
x-content-type-options
nosniff
age
208830
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9401
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Jan 2024 04:45:18 GMT
txt3b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt3b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 02:29:12 GMT
x-content-type-options
nosniff
age
130596
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4662
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 02:29:12 GMT
txt4.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 02:16:29 GMT
x-content-type-options
nosniff
age
304159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7513
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 02:16:29 GMT
txt4b.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/txt4b.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 20:03:37 GMT
x-content-type-options
nosniff
age
585731
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7018
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 20:03:37 GMT
cta_img1.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 07:53:05 GMT
x-content-type-options
nosniff
age
543163
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3710
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Jan 2024 07:53:05 GMT
cta_img2.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/cta_img2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 14:08:39 GMT
x-content-type-options
nosniff
age
434229
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3821
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 14:08:39 GMT
logo.png
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/ Frame AB14 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/img/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 02:28:28 GMT
x-content-type-options
nosniff
age
44240
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4246
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 02:28:28 GMT
tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame AB14 		105 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.0_499ba64a23378545748ff12d372e59e9_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35824
x-xss-protection
0
last-modified
Fri, 09 Oct 2015 14:01:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:45:48 GMT
ad.js
s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ Frame AB14 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/js/ad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c64f55a5448751409418c195c34fdb8cab1dfa25b41eacf7e08f1dbab8c7555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6053516823263476268/002_0_5_6MediumRectangle_300x250_BondCX-30__Allgemein_AlwaysOnQ2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 21:44:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579704
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2735
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 09:06:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 21:44:04 GMT
dt
dt.adsafeprotected.com/ Frame E9F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e3ebd3d7-a203-0d8a-232e-9fa3dbe27979&tv=%7Bc:2NafmC,pingTime:-6,time:217,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:217,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B210~0%5D,as:%5B192~0.0,18~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tur0IgD+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1h2%7C1h3%7C1i.886862-62195781%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1k*.886862-62195781%7C1k1%7C1k2%7C1l,idMap:1k*,rmeas:1,rend:0,renddet:svg.us,siq:25%7D&tpiLookup=ao:www.zahav.ru*&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adlib.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlib.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 11:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
271456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1870
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 11:21:32 GMT
fonts.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		1002 B
256 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 13:44:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
227
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 30 Jan 2024 13:44:53 GMT
adStyle.css
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adStyle.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ca835533fc4836f0ceefea006b64fdf2ff220e4af8c7f35f9feb0578ef1a963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 16:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425563
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1023
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 16:33:05 GMT
Enabler_01_248.js
s0.2mdn.net/879366/ Frame 905D 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_248.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 08:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41094
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:45:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 31 Jan 2023 08:26:43 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 905D 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:45:48 GMT
SplitText.min.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/SplitText.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 20:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
409751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3818
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 25 Jan 2024 20:56:37 GMT
adlibUtils-v3.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 06:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10657
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 06:11:52 GMT
animation.js
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		19 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/animation.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
757c6dc6f0497810e93559029b21701920c7d217ebdd2a276fa308bc53fa7765
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 17:33:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594742
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2775
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Jan 2024 17:33:26 GMT
dt
dt.adsafeprotected.com/ Frame 10B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=32928a59-5cc4-c9b6-1caf-59e964cb6329&tv=%7Bc:2Nafn6,pingTime:-2,time:365,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1042,beZ:1043,mfA:1045,cmA:1046,inA:1047,inZ:1050,prA:1051,prZ:1059,si:1064,poA:1065,poZ:1083,cmZ:1083,mfZ:1083,loA:1336,loZ:1338,ltA:1407,ltZ:1407%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:320,h:50,t:21%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:365,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B359~0%5D,as:%5B359~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tur0IgD+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1i*.886862-62195781%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k.886862-62195781%7C1k1,idMap:1i*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,siq:22,sinceFw:342,readyFired:true%7D&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame A911 		288 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.110.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-7.vie50.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
db96082ab0c3ebb2a2ad65bf2ef851ae196a45930bfb1bf1f6a62e66fa6cb15e

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:07:14 GMT
content-encoding
gzip
via
1.1 a4035907ac3c3ba8d1fd116b6b6b9a4c.cloudfront.net (CloudFront)
last-modified
Fri, 27 Jan 2023 14:19:50 GMT
server
Apache/2.4.54 (Debian)
x-amz-cf-pop
VIE50-C2
age
2314
etag
"480ea-5f33f8eeded80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
s1703pQF18jZs30UzgW-yz_JdFZirXshmmr8jWfvGaTB5eXBAH9EQQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A911 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
742f972bdb883ceffc538615da3dfb2c08d3902686b79f495e255b05d9200fe7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27569
x-xss-protection
0
server
sffe
etag
"1467 / 133 of 1000 / last-modified: 1675080581"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 30 Jan 2023 14:45:48 GMT
dt
dt.adsafeprotected.com/ Frame E9F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e3ebd3d7-a203-0d8a-232e-9fa3dbe27979&tv=%7Bc:2Nafng,pingTime:-2,time:257,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1148,beZ:1150,mfA:1151,cmA:1153,inA:1153,inZ:1158,prA:1158,prZ:1168,si:1173,poA:1174,poZ:1192,cmZ:1192,mfZ:1192,loA:1365,loZ:1367,ltA:1405,ltZ:1405%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.50,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:24%7D,%7Br:r,w:320,h:50,t:199%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:257,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B250~0%5D,as:%5B192~0.0,58~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tur0IgD+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1h2%7C1h3%7C1i.886862-62195781%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1k*.886862-62195781%7C1k1%7C1k2%7C1l,idMap:1k*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:svg.us,siq:25,sinceFw:231,readyFired:true%7D&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7BAC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
74393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 18:05:55 GMT
expires
Mon, 29 Jan 2024 18:05:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B538
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1&google_push=Aa02lx_H6PFvvCNP3nFANkgmNBvz-bPMI6vAuKr7-270xd5nqDWLA3J8LSpuR23AvsCaFJDt1c3gHVoMxz_UqT4wTSg7EAAm2Ng
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODE0NTY5OTM5OTI4MDcxNjU0OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAzrLaAJEIfyrnhQ0wGTC10&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B538
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA8ls45UiHuu8Cx-jrRZWOU&google_cver=1&google_push=Aa02lx8MEV5E8rbj67quQLD6H0lMf4MZwzQdNrT2VC7K5sDd5z4EOkYma9...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8MEV5E8rbj67quQLD6H0lMf4MZwzQdNrT2VC7K5sDd5z4EOkYma9ALmwgdB7L7__PIWSJOjxIB1kkBcEZTaeG65Dy255Jz&google_hm=_z8BdwUVLbLT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8MEV5E8rbj67quQLD6H0lMf4MZwzQdNrT2VC7K5sDd5z4EOkYma9ALmwgdB7L7__PIWSJOjxIB1kkBcEZTaeG65Dy255Jz&google_hm=_z8BdwUVLbLTKopRTMh3Zg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aa02lx8MEV5E8rbj67quQLD6H0lMf4MZwzQdNrT2VC7K5sDd5z4EOkYma9ALmwgdB7L7__PIWSJOjxIB1kkBcEZTaeG65Dy255Jz&google_hm=_z8BdwUVLbLTKopRTMh3Zg
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B538
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDgiq7Ykvqz0hGHRgHeLLkU&google_cver=1&google_push=Aa02lx_gZQt9kftNCGdu9J95N0WJJXpk872MppKIpzh1RrDgWfQQLSgYy5ydVT0fSo_jbXCnaUZKaoeUO4A...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gZQt9kftNCGdu9J95N0WJJXpk872MppKIpzh1RrDgWfQQLSgYy5ydVT0fSo_jbXCnaUZKaoeUO4AlXwZ1ffcP5XrKItj3&google_hm=25Mw5zC6RbyaLMC9zC6YSMo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gZQt9kftNCGdu9J95N0WJJXpk872MppKIpzh1RrDgWfQQLSgYy5ydVT0fSo_jbXCnaUZKaoeUO4AlXwZ1ffcP5XrKItj3&google_hm=25Mw5zC6RbyaLMC9zC6YSMo
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aa02lx_gZQt9kftNCGdu9J95N0WJJXpk872MppKIpzh1RrDgWfQQLSgYy5ydVT0fSo_jbXCnaUZKaoeUO4AlXwZ1ffcP5XrKItj3&google_hm=25Mw5zC6RbyaLMC9zC6YSMo
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B538
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFErzBKa0hqiIjitq19bt9k&google_cver=1&google_push=Aa02lx9slm1WqaOp19840zpW6dc4_j187383fR2JGLwEYsG76NLA2zn8hEXLXLWP9aNODpTYR4A5IGMKNjIuat9C...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx9slm1WqaOp19840zpW6dc4_j187383fR2JGLwEYsG76NLA2zn8hEXLXLWP9aNODpTYR4A5IGMKNjIuat9CzwZAPHhKioUG
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx9slm1WqaOp19840zpW6dc4_j187383fR2JGLwEYsG76NLA2zn8hEXLXLWP9aNODpTYR4A5IGMKNjIuat9CzwZAPHhKioUG
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 30 Jan 2023 14:45:48 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9VBJN13DTzeYYCj9FtDTJw2&google_push=Aa02lx9slm1WqaOp19840zpW6dc4_j187383fR2JGLwEYsG76NLA2zn8hEXLXLWP9aNODpTYR4A5IGMKNjIuat9CzwZAPHhKioUG
x-host
tde-deliveryengine-production-fb497649f-dfbbt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame B538
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEPqwmPVXosF2yrCBfFjMiEo&google_cver=1&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1fXBAxf9yDtz&google_hm=GEsVqGZHJY088AojQkOcurJt
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1fXBAxf9yDtz&google_hm=GEsVqGZHJY088AojQkOcurJt
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:48 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx__XhF2MG7RsELh7miU99w50qlIzc1AmyhQeyYuIe6cUBR2unmR4FgbNB-TQtTod8FuezHKyXZX_pn1-wPR1fXBAxf9yDtz&google_hm=GEsVqGZHJY088AojQkOcurJt
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame B538
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEB...
  • https://sync.targeting.unrulymedia.com/csync/RX-334c9d14-522e-465d-bcb1-937c671fc7b0-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx-WUeas578lkZoosCUQj...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-WUeas578lkZoosCUQjQKTWQ-MvktXaxyQVTaFvOrYT4A7eRZIdS1C79b1Ik4Zn52nSfkPQTySuvw67DuOvNVWzbfGMVVS&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-WUeas578lkZoosCUQjQKTWQ-MvktXaxyQVTaFvOrYT4A7eRZIdS1C79b1Ik4Zn52nSfkPQTySuvw67DuOvNVWzbfGMVVS&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx-WUeas578lkZoosCUQjQKTWQ-MvktXaxyQVTaFvOrYT4A7eRZIdS1C79b1Ik4Zn52nSfkPQTySuvw67DuOvNVWzbfGMVVS&google_hm=AzNMnRRSLkZdvLGTfGcfx7A
date
Mon, 30 Jan 2023 14:45:48 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX334c9d14522e465dbcb1937c671fc7b0003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame B538
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELr23G38neR9gz50Z8__-ZM&google_cver=1&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RAlVZ5iaL0i9fjzUTtLjP8TXhnl1FqoUHel5YsWQEgL68U
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RAlVZ5iaL0i9fjzUTtLjP8TXhnl1FqoUHel5YsWQEgL68...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RAlVZ5iaL0i9fjzUTtLjP8TXhnl1FqoUHel5YsWQEgL68U
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx8i6NpqnbVECy5a0_p6u-KsQdtKGB6ylmru7WUe1mWXLSiv81RAlVZ5iaL0i9fjzUTtLjP8TXhnl1FqoUHel5YsWQEgL68U
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame B538 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1PrO_MTxOxbGmuGqX3mYTy_4PgEafvLS0BlgggaTuzUk8bt3cKiIzCIHhCrkkun4ckKn2
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0971 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
74393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 18:05:55 GMT
expires
Mon, 29 Jan 2024 18:05:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
i.match
a.tribalfusion.com/ Frame 96F9 		43 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEKpp2MgaJ57bH96VIuBmIbo&google_cver=1&google_push=Aa02lx8f3kA8JoCNNAacVx5TFEMy-qke1-UBal0oDJz--pIJTOemydqH0mjsBZYQn9u7Un6e6QjjEOvJ3SGKamw65U2mwkad4BF1&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8f3kA8JoCNNAacVx5TFEMy-qke1-UBal0oDJz--pIJTOemydqH0mjsBZYQn9u7Un6e6QjjEOvJ3SGKamw65U2mwkad4BF1%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
791afe525db68fe8-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96F9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx81MF7hAw_c4xtEG-_UPbTT4mCKNSb4QdUZ60rNeBvGr5UAEbgtDv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx81MF7hAw_c4xtEG-_UPbTT4mCKNSb4QdUZ60rNeBvGr5UAEbgtDvPjlNy1eF3Zujbk34fS3EwIrAg-uHFG1lrYwD5s5Yg0
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220040-HHN
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1675089949.586494,VS0,VE96
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx81MF7hAw_c4xtEG-_UPbTT4mCKNSb4QdUZ60rNeBvGr5UAEbgtDvPjlNy1eF3Zujbk34fS3EwIrAg-uHFG1lrYwD5s5Yg0
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 96F9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx_abeLNCJer6R_a1xLfYr2SLFDOkS7mnDiGnwdp7yw1Z2VT2eydows3tfXZCGx2jbTThe9hnD-X...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_abeLNCJer6R_a1xLfYr2SLFDOkS7mnDiGnwdp7yw1Z2VT2eydows3tfXZCGx2jbTThe9hnD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_abeLNCJer6R_a1xLfYr2SLFDOkS7mnDiGnwdp7yw1Z2VT2eydows3tfXZCGx2jbTThe9hnD-X2egD90Z3kituYm_2Dtdg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx_abeLNCJer6R_a1xLfYr2SLFDOkS7mnDiGnwdp7yw1Z2VT2eydows3tfXZCGx2jbTThe9hnD-X2egD90Z3kituYm_2Dtdg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 96F9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIgJSsx2mUbeNM1H0UNF5y8&google_cver=1&google_push=Aa02lx-3RAvU8y2VRe1yNFiBqnlRrOiAPpeE3AuT9inrxnWupWTqSl7HmPWkCki9x2erY0DbIrz...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx-3RAvU8y2VRe1yNFiBqnlRrOiAPpeE3AuT9inrxnWupWTqSl7HmPWkCki9x2erY0DbIrzgW9rzqUasiN-K2Q3sFnNO7LY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx-3RAvU8y2VRe1yNFiBqnlRrOiAPpeE3AuT9inrxnWupWTqSl7HmPWkCki9x2erY0DbIrzgW9rzqUasiN-K2Q3sFnNO7LY
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE&google_push=Aa02lx-3RAvU8y2VRe1yNFiBqnlRrOiAPpeE3AuT9inrxnWupWTqSl7HmPWkCki9x2erY0DbIrzgW9rzqUasiN-K2Q3sFnNO7LY
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 96F9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx9p0pFUWqfBsTSI0ewlHAmPXrkqr6vNg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx9p0pFUWqfBsTSI0ewlHAmPXrkqr6vNggSnAp2_3b83NHOhB9qG6X03zVqBIXcWvdxfOBJAJEA-t3Z1L5_W2SUAcQ9_sofT
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=detAoZ6yAmxDJmCIc16O37YOc%2BAYuw8BCUs8FL%2BIzuJuXqPsR%2BAi65sxQ%2BqCi864zEe8ZfC24onv1gALFasxghX%2BW2wKzs7QFj3G7rNSnJj3Tw2rzmMa%2FSYuNh3ZHMEZLRlfmH8kciAS3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&google_nid=index&google_push=Aa02lx9p0pFUWqfBsTSI0ewlHAmPXrkqr6vNggSnAp2_3b83NHOhB9qG6X03zVqBIXcWvdxfOBJAJEA-t3Z1L5_W2SUAcQ9_sofT
cache-control
no-cache
cf-ray
791afe525c999b33-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 96F9
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELr23G38neR9gz50Z8__-ZM&google_cver=1&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_AyCM5I29YPjbSAQfKRcUDuUxkewFUATzjGr2g1uo523A
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_AyCM5I29YPjbSAQfKRcUDuUxkewFUATzjGr2g1uo523...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_AyCM5I29YPjbSAQfKRcUDuUxkewFUATzjGr2g1uo523A
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx9kx1Pj3T1nlLOekvGsw9SfqUfzG7D7wvtVDcxmj7f5DzRcIwa_AyCM5I29YPjbSAQfKRcUDuUxkewFUATzjGr2g1uo523A
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 96F9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELXcRkoFrcT_twL0NJWgcEI&google_cver=1&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0FE8a4T0rfyD-jBqcX...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESELXcRkoFrcT_twL0NJWgcEI&google_cver=1&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0FE8a4T0rfyD-jBqcX...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sYjh0a3dWRTJ1RXlUamxzWklQSWw4Yl8waHN1OVNGMX5B&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sYjh0a3dWRTJ1RXlUamxzWklQSWw4Yl8waHN1OVNGMX5B&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0FE8a4T0rfyD-jBqcXWUeOb_CUc2IaxkAAGLskGzMNJ3LA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1sYjh0a3dWRTJ1RXlUamxzWklQSWw4Yl8waHN1OVNGMX5B&google_push=Aa02lx8SM4-vk86nSHLaJR7O-o1gKy7HrqrK1-jxjS6oc3LezH8KtF8s0FE8a4T0rfyD-jBqcXWUeOb_CUc2IaxkAAGLskGzMNJ3LA
date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 96F9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I8cKQh_hyIi-_rrdH8ghh-s7vfkVeRp48qYXop8LhjNiYYWvUbYcbdmnHJAemz_bJNyOM9fw
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sca.17.6.2.js
static.adsafeprotected.com/ Frame 898C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:0:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
11315372
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
kE_jXJsXCOsU_redQDfTDMmIo0G_o3bTnCe0_ngnX30uQv4CG1wqaQ==
mon
pixel.adsafeprotected.com/ Frame 8F9D 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=18636685641&pubId=1&placementId=396814515&adsafe_par&bundleId=&dealId=&bidurl=https://www.zahav.ru/&adsafe_url=https%3A%2F%2Fwww.zahav.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:f616c83a-81b3-0835-13af-6914cbc575af,c:2Nafoa,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-bb8697c85-s8nn6,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:673,mot:0,app:0,maw:0,fm:tur0Icm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f*.925113%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1k4%7C1l,idMap:1f*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:697,oid:c85cd770-a0ac-11ed-81b6-167d5d07f29d,v:19.8.385,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.7.182 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-7-182.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 448B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
74393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 18:05:55 GMT
expires
Mon, 29 Jan 2024 18:05:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 1A13
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHyvN9u_-isPPJv6AKkd0-g&google_cver=1&google_push=Aa02lx_3m7D03kgAiLoZg6-J6fZoKgqo52DSogs5fUf-v9TslzaETh7k2DnPwknhIy7tpH2m1jRrPOiSaCOaUGkb...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_3m7D03kgAiLoZg6-J6fZoKgqo52DSogs5fUf-v9TslzaETh7k2DnPwknhIy7tpH2m1jRrPOiSaCOaUGkbaCGvHu35aIBQVg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_3m7D03kgAiLoZg6-J6fZoKgqo52DSogs5fUf-v9TslzaETh7k2DnPwknhIy7tpH2m1jRrPOiSaCOaUGkbaCGvHu35aIBQVg
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 30 Jan 2023 14:45:48 GMT
Server
MT3 404 ce67235 master zrh-pixel-x30 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_3m7D03kgAiLoZg6-J6fZoKgqo52DSogs5fUf-v9TslzaETh7k2DnPwknhIy7tpH2m1jRrPOiSaCOaUGkbaCGvHu35aIBQVg
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 30 Jan 2023 14:45:47 GMT
pixel
cm.g.doubleclick.net/ Frame 1A13
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx-JaEh3TdG0PpPfaqfF9Gb5ZMLqYpodTIzYNtiVUlWPWrNXKk4XAz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx-JaEh3TdG0PpPfaqfF9Gb5ZMLqYpodTIzYNtiVUlWPWrNXKk4XAzkbmbeDzTSudgq3ShbJLy483ueS8oMSJSFsnNY2U20owA
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220040-HHN
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1675089949.603016,VS0,VE176
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_push=Aa02lx-JaEh3TdG0PpPfaqfF9Gb5ZMLqYpodTIzYNtiVUlWPWrNXKk4XAzkbmbeDzTSudgq3ShbJLy483ueS8oMSJSFsnNY2U20owA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 1A13 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELk6Xol7AOeBQQXeoeGmaOk&google_cver=1&google_push=Aa02lx9i3Hi2DKPgDWK0F65223BNVEWn4Y8Wi_g8x7XNvu5r0zbuDbdRluXa_UfeqO3D6ucxc2MhVXghw_SSoBLj3hLODtS1v4VS3g
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1A13 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELmBMRkz8aJ8KoPxa9jw4wQ&google_cver=1&google_push=Aa02lx-WAWt62CF4-bM_kEiZuSoVy5ymUaAlExouPRxSmE-xVLQrCdyGTAfKELhNtSHoJtnTv3UqqbOHI1CXRtbDJBQTZ6mM7yvZ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 1A13
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJsMzd6R4kniIH4bbQm8Xr0&google_cver=1&google_push=Aa02lx_kVcD1s4rxu4LlO0xFCrhzWcyeAaq3QEcMkUs-5SIqCtyZb_7yYEOf8Q2hxxBIbozx1QfRylXkg1K0Ud5exWhaSbs...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_kVcD1s4rxu4LlO0xFCrhzWcyeAaq3QEcMkUs-5SIqCtyZb_7yYEOf8Q2hxxBIbozx1QfRylXkg1K0Ud5exWhaSbsvulUKpw&google_hm=eS1GbDNJcXZ4RTJwRXJl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_kVcD1s4rxu4LlO0xFCrhzWcyeAaq3QEcMkUs-5SIqCtyZb_7yYEOf8Q2hxxBIbozx1QfRylXkg1K0Ud5exWhaSbsvulUKpw&google_hm=eS1GbDNJcXZ4RTJwRXJlZmZEX3FHV1dnUFI4cGlBcHpwVH5B
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_kVcD1s4rxu4LlO0xFCrhzWcyeAaq3QEcMkUs-5SIqCtyZb_7yYEOf8Q2hxxBIbozx1QfRylXkg1K0Ud5exWhaSbsvulUKpw&google_hm=eS1GbDNJcXZ4RTJwRXJlZmZEX3FHV1dnUFI4cGlBcHpwVH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1A13
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKLWKdtUjdGfoFl5wtHyBgg&google_cver=1&google_push=Aa02lx81p7CEtVK6HvmAOzwQHO-RbVvWbKePURw5QwzRDOXIHZSRloYilAMi_8T8bgZDCdqt0Epf25m3...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx81p7CEtVK6HvmAOzwQHO-RbVvWbKePURw5QwzRDOXIHZSRloYilAMi_8T8bgZDCdqt0Epf25...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx81p7CEtVK6HvmAOzwQHO-RbVvWbKePURw5QwzRDOXIHZSRloYilAMi_8T8bgZDCdqt0Epf25m3nY835YT8vjXLwA7VpoYkrQ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA4MDY3MTQ2NDU2NzUzMDA1OQ&google_push=Aa02lx81p7CEtVK6HvmAOzwQHO-RbVvWbKePURw5QwzRDOXIHZSRloYilAMi_8T8bgZDCdqt0Epf25m3nY835YT8vjXLwA7VpoYkrQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
onetag-sys.com/match/ Frame 1A13
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx-g1UmqqZtofKjdGsIx8_DmYwkJnsN8nP8WIaPu5F89km9dgVrMm4biAGcrvN-tWLZGFgAjKQW2mGh...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx-g1UmqqZtofKjdGsIx8_DmYwkJnsN8nP8WIaPu5F89km9dgVrMm4biAGcrvN-tWLZGFgAjKQW2mGhX4T2DjtoZJOLOuwOsKA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1A13 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgC3KmxrJ9MeHu94TGhR0zxi5AMGeT5TkLjjYJ-Cj4gWs4ligqJJrdhHw2iVogERN7cDKaIQ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8B91 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
74393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 29 Jan 2023 18:05:55 GMT
expires
Mon, 29 Jan 2024 18:05:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 4AA3 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDcG-di5gn8m9Clbgw3Ml1I&google_cver=1&google_push=Aa02lx-nwUKIaInp-wkXfBKFnXriwSW-I5-PI8FC-aKJxHIU0URjY7E_9AsApmWXsIabhJjr8i_C9ytMRqWGcRPx6DC2XPaAx3Ab_g
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame 4AA3 		0
0
pixel
cm.g.doubleclick.net/ Frame 4AA3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBtB1VePVjlwjKZNjLSfcbg&google_cver=1&google_push=Aa02lx_1gRTHptBdBpfnnKbqDt0PU-myulvhS3rnZ6eqDvsu8C0mQMU_aYiR9isKR6jqN3S-kJpqRNoJWBXnc0dj2qFF3FQVWkln
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_1gRTHptBdBpfnnKbqDt0PU-myulvhS3rnZ6eqDvsu8C0mQMU_aYiR9isKR6jqN3S-kJpqRNoJWBXnc0d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_1gRTHptBdBpfnnKbqDt0PU-myulvhS3rnZ6eqDvsu8C0mQMU_aYiR9isKR6jqN3S-kJpqRNoJWBXnc0dj2qFF3FQVWkln
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=051F2CFCF7EB4D0183562ED60AF623C2&google_push=Aa02lx_1gRTHptBdBpfnnKbqDt0PU-myulvhS3rnZ6eqDvsu8C0mQMU_aYiR9isKR6jqN3S-kJpqRNoJWBXnc0dj2qFF3FQVWkln
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 29 Jan 2023 14:45:48 GMT
pixel
cm.g.doubleclick.net/ Frame 4AA3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP2iJnHbdnT919bwvEutFJw&google_cver=1&google_push=Aa02lx_l8xpKq2ETpzxR16iVZjIRnPnv4QeeutJbU2gqvavKsj_wUL9iuI0lse4s7yLRO2ee7Kx5FyBFOCGa8i...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NDQ1NjU0NDU1MjU0ODQ5Nw%3D%3D&google_push=Aa02lx_l8xpKq2ETpzxR16iVZjIRnPnv4QeeutJbU2gqvavKsj_wUL9iuI0lse4s7yLRO2ee7Kx5FyBFOCGa8irF9m...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NDQ1NjU0NDU1MjU0ODQ5Nw%3D%3D&google_push=Aa02lx_l8xpKq2ETpzxR16iVZjIRnPnv4QeeutJbU2gqvavKsj_wUL9iuI0lse4s7yLRO2ee7Kx5FyBFOCGa8irF9mIg4dMgnYGi4A
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE5NDQ1NjU0NDU1MjU0ODQ5Nw%3D%3D&google_push=Aa02lx_l8xpKq2ETpzxR16iVZjIRnPnv4QeeutJbU2gqvavKsj_wUL9iuI0lse4s7yLRO2ee7Kx5FyBFOCGa8irF9mIg4dMgnYGi4A
Date
Mon, 30 Jan 2023 14:45:48 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4AA3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_PK6UEBjSxnhsJF1BWrtGk3QJ2NOuFkZhbdbCzZ8YlgWYV_TnCTl6-7qJelrcEeC6bg3AWyPSGuw2YNhTr5Iyq1nNV3JdY
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=7kubSRxPQ4GKSTFeQkIosw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aa02lx_PK6UEBjSxnhsJF1BWrtGk3QJ2NOuFkZhbdbCzZ8YlgWYV_TnCTl6-7qJelrcEeC6bg3AWyPSGuw2YNhTr5Iyq1nNV3JdY
date
Mon, 30 Jan 2023 14:45:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4AA3
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMEEAd93SvEWl7ZQM-TMiI0&google_cver=1&google_push=Aa02lx9wzQxSGDaBrovlFEQlwKNU2u69eYu2GhoYdovSMs4avx9Y6EkjXFnDzfImZRUrqOU2hXqFYOAxsOpR...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9wzQxSGDaBrovlFEQlwKNU2u69eYu2GhoYdovSMs4avx9Y6EkjXFnDzfImZRUrqOU2hXqFYOAxsOpR01obTQIptF--1S-7
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9wzQxSGDaBrovlFEQlwKNU2u69eYu2GhoYdovSMs4avx9Y6EkjXFnDzfImZRUrqOU2hXqFYOAxsOpR01obTQIptF--1S-7
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aa02lx9wzQxSGDaBrovlFEQlwKNU2u69eYu2GhoYdovSMs4avx9Y6EkjXFnDzfImZRUrqOU2hXqFYOAxsOpR01obTQIptF--1S-7
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 4AA3
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESELr23G38neR9gz50Z8__-ZM&google_cver=1&google_push=Aa02lx-qPgoQERdRROm-_Tji5SnDLdXK8AY3lyVDkjkE1qYXdQHqqGAExQ5aCvSOjwLFgbbuWwl-gqjCykFMeU_LDeQ7Ma5uJt...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx-qPgoQERdRROm-_Tji5SnDLdXK8AY3lyVDkjkE1qYXdQHqqGAE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx-qPgoQERdRROm-_Tji5SnDLdXK8AY3lyVDkjkE1qYXdQHqqGAExQ5aCvSOjwLFgbbuWwl-gqjCykFMeU_LDeQ7Ma5uJtGQ2Q
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzkyOTE5MzEzMDg3NjcwMTgxOTg2NA%3D%3D&google_push=Aa02lx-qPgoQERdRROm-_Tji5SnDLdXK8AY3lyVDkjkE1qYXdQHqqGAExQ5aCvSOjwLFgbbuWwl-gqjCykFMeU_LDeQ7Ma5uJtGQ2Q
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 4AA3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jf8a070ALlXgyOUGGBBZ2fhvo9DM4gDxHQpffbiCXBXQFOIejVjPBcqcGe7B1DuIcWVpZZ
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame 8F9D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=f616c83a-81b3-0835-13af-6914cbc575af&tv=%7Bc:2Nafpp,pingTime:-3,time:773,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:696%7D,%7Bpiv:0,vs:o,r:l,t:772%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:773,n:772,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:696,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B96~1,0~0%5D,as:%5B96~160.600%5D%7D%7D,%7Bsl:o,t:772,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tur0Icm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f*.925113%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1k4%7C1l,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:697%7D&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 8F9D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=f616c83a-81b3-0835-13af-6914cbc575af&tv=%7Bc:2Nafpq,pingTime:-6,time:774,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:774,n:772,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:696,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B96~1,0~0%5D,as:%5B96~160.600%5D%7D%7D,%7Bsl:o,t:772,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tur0Icm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f*.925113%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1k4%7C1l,idMap:1f*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:697%7D&tpiLookup=ao:www.zahav.ru*&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 31 Jan 2023 14:45:48 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame D3D2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8F9D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstc-hafOLq9W1NaJSKc8wBBbLj44nNeb9BJ6TkMUHV_shpO64DSCu6obA12rDQy3tDGE5saX1WaZtZdj26sWrgBak4rdtL9c2VlPUL-yz7Slzmoo3abdfVyZwbYUblU8JMbRjworPT_cRSHA_pcNBiGci1aS39WUnHYgEQXYGG7CsWlnsgI-zxcgVtT8ygPBtGsnnyWBwpDIWlloMg8iBkOsvPTAQZLJPNl252VZgVbcbCK2_kwp6g9xUwWlN2EhA-UdQAQH3HImZ4ltt8vG2_YZryOsXafx8fwGHTBYMZcgzksJ4fGRONpdltIu0zbj8CWbowvordBq63CTkGU9e380pPO2HxzHBQFKWt0wJLFprMYkxqmChNouqIyZOWGolzhCVvhl_QRF8cxgM1z2rA7xfC4bfQ-QsKVzZaNPwSDeNqre3FATgySYNAGDT5m2tGMAvhqsRJeDxYqYg8_8XPykn6lsuJ5oa8U14ViJ590xGcMtN435khglFPDcGGgb2dQcwsfRQt4vTtNVOb_3dmy-hFSAUZKPWHivdvoWBnoZH6v6q15oWlm75yBl1zBWVc9tHZTqfnx8Mqy1iISJDPZvXxPzr7CXNry09uSrQy-_0dsPSfnVQfmlXHCmdKRoR_bidY68BAiJsbawlynXINtUJRN541uUP68mmJTmytF31F2Hh5xq6nJ6JFePDkwP-89i6iN0pS7QnIGbzKrOcXDqDPhXjxEJgcL4pdxYz-dCw672yVVwqo2oUceNnZgTSLNPTlBeJcBa0WwWWB1eUPanYtauwUIv6Taf1mZet7Pg_Di74DH3_cj-tP-0Cg_0W-0MVJxMJUM0SL7jwcQaErdVS0OVcMFtjFuBvZLX3QNFKneIHS1VXhLUIB1UEOKRMCwqPac3iQ2TNut-NHHlLHfhd3EYP11uWdwto2HSmbH9PXGbl4yQDIuRKVd0PmQoS0hU6eePUGbrGAfpoOY-srFfUE_8HnGeHlS7x7SfhRn1AndJZY8ZCEiBaw17FeFB6n5wmcxuIKWoKpGxqmUoPNQbBnkqgh8S1HmUoEs6cMsYXw2iH_AHp5T2szpo4-gpN9gB-hiPYicnqElcxL25Wo3laG-2Fv7-SP4J_pCuOTQlj2ENxoUmdsNufh32nQT2od6dS2fu7GM2r4R6k09KfF17w_dVjKRu8e0WWHptQqz7BqPJg3TjMbFnxWapJCo4fXPalyeYeb-DWuTIKYwdeW2UReQkn62NvS4QXE2xkqPIxnZt3fZqjzQI4UYVBfPZc-n9q02GcA3IEecI49NMAjkdZu2H0cGUmmriU6A3GXb0hMW90-OpPk9&sai=AMfl-YT0UjE0EuCjZJk2uYrHbeFFIwCcxfQSBvhxEqnRbqNWV-eFqoy9qnHIcC2-LOxCCAv5A-nxfEkjsPYE1EKW-1FXe2-O1p89GBy_G0M-DXOUID0mXWhhF0efolYoZ5cYyJJ_RHS9qs0jwZYcg3d_ExigCu8T-lRpx7eD_Bb6ur-4KsHPjkr8kdd_-KWBGrGwd5Mwpzzz-X0gpeQ8g0LYAdLoGAaq5tDP0q1-p69KkLo3t53Q8QQGUaLn-sq3uHFsCGeNWe5aYH8&sig=Cg0ArKJSzBuzPxADK1KjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=980&vt=11&dtpt=683&dett=3&cstd=292&cisv=r20230124.83871&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
dt
dt.adsafeprotected.com/ Frame 8F9D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=f616c83a-81b3-0835-13af-6914cbc575af&tv=%7Bc:2Nafqj,pingTime:-2,time:829,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:799,beZ:801,mfA:1472,cmA:1473,inA:1474,inZ:1477,prA:1477,prZ:1489,si:1496,poA:1497,poZ:1511,cmZ:1511,mfZ:1511,loA:1573,loZ:1578,ltA:1628,ltZ:1628,mdA:801,mdZ:859,idA:1511,idZ:1550%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:696%7D,%7Bpiv:0,vs:o,r:l,t:772%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:829,n:772,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:696,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B96~1,0~0%5D,as:%5B96~160.600%5D%7D%7D,%7Bsl:o,t:772,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B57~0%5D,as:%5B57~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tur0Icm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f*.925113%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1i.886862-62195781%7C1i1%7C1i2%7C1i3%7C1i4%7C1i5%7C1j1%7C1j2%7C1j3%7C1j4%7C1k.886862-62195781%7C1k1%7C1k2%7C1k3%7C1k4%7C1l,idMap:1f*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:697,sinceFw:130,readyFired:true%7D&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt25.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
lg.php
cdn.firstimpression.io/delivery/ Frame A911 		1 B
443 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=97043%7C97045%7C97046%7C97047%7C97048%7C101156&campaignid=9%7C7%7C11%7C16%7C18%7C34&zoneid=114914%7C114914%7C114914%7C114914%7C114914%7C114914
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-118.fra2.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
via
1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
server
Apache/2.4.38 (Debian)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
AxF3D8SCw8MgG9rDvEguxAvVYHapHqOnr44N7jJryQerkUt6bi03aA==
expires
0
v1
tracking1.firstimpression.io/habit/ Frame A911 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
cygnus
htlb.casalemedia.com/ Frame A911 		36 B
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=711590&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221c9ec859078ddf%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%2C%22page%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.23.0-FI%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222b50cd448b83ec%22%2C%22banner%22%3A%7B%22topframe%22%3A0%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22711590%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22firstimpression.io%22%2C%22sid%22%3A%226962%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116929ada3d58f1c2c9058d5f371da36818df5fd7e20cc3ea69130442c7cbc95

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2ol%2B7vvXDG1d%2BZeaoptG5evep28CVotBvJbPEFOuusU7IFPpDNDJW26yTFgDyRWkALgy%2BaLqNvenOQ59ntSDZOFaTYi7N1KqGYC5D%2BE08qzujhylLXADW7ylOstF6SMakVw169T"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
791afe539ab19a39-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A911 		256 B
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=10&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a23&tk_flint=pbjs_lite_v6.23.0-FI&x_source.tid=bc58d4f3-6cf7-4014-b65f-39aee854cfb6&l_pb_bid_id=4393ec0199256e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.16078711964557368
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
68c05d4bbba854242586c2bbb978a8894caea24ec19025668700bdf02676ac53

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
256
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A911 		138 B
943 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4093ceb3865daa1a962c13395fa4c1190e141354a23e9cdbfbf68a4e5bd1b278
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:48 GMT
AN-X-Request-Uuid
3ae2cd65-bb7a-4b62-80a7-40149b14481f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
firstimpression-d.openx.net/w/1.0/ Frame A911 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://firstimpression-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bc58d4f3-6cf7-4014-b65f-39aee854cfb6&nocache=1675089948731&schain=1.0%2C1!firstimpression.io%2C6962%2C1%2C%2C%2C&aus=300x600&divids=fiInstance_114914_0_796338056276903_unit&aucs=&auid=545675737
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
96f15469b5ec631a13ef9e466f339217925a922928db15883e779d7546664fdf

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.zahav.ru
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame A911 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Mon, 30 Jan 2023 14:45:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 7BAC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CFE1 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstknlJ1Dogj7hHXsAEvzqZkKrhwPLiHl0M1BpUsSOi_CYTiFF1jvgkj4dn2ZF_yi5DJOZNSzZQa88THDaKK3JOVwPKbFF1ckMz-5aFmsRVd0dn6vyfSAXf8zjzlGvcp745FEAlJuA&sai=AMfl-YTbnkevwWZSMy1vzd0lAG7sdyF0RxApM3nNlrmg1sI4G3QIlzmuqUHwcoLwx7-cNCxqfVgRnn9rvQTBQO0MxfpratSi8pYKPkiPRXszJNIKAZaBKtFUJxPx9NmRRw&sig=Cg0ArKJSzLLdARoI4ZZpEAE&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&id=ampim&o=496,835&d=468,60&ss=1600,1200&bs=1600,1200&mcvt=1057&mtos=0,0,1057,1057,1057&tos=0,0,1057,0,0&tfs=611&tls=1668&g=99.34895634651184&h=99.34895634651184&tt=1668&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 0971 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A135 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvQTfQSaBhEWo0_5v7CdJESIQk2DUujBpJ1B4EQT-jXs4AS82J_GqxRFZ7z-zK6ryr14eoXxtmmSXCi0pfdjGYPUkgBehUTfNSkRwQe7GKTKykGlD8cE1TG63pEI1Mq77ryYaGQJqaYkGCidNcGQvBHZ7FjqeDhyk8Nil3eMA4KLexbA2eg9Qr_EDnls65XWDaM6xPJ9O29Eb53oEXZQQRGPMl64LrCOxxo0tNVdFBYou-e0gvgcgox8TcS8LrfbaPLljuLC_9aIqjzbfGnj7FkAUQ54doBz-i755MZHp0EYtwY6McblTumYlIWOy-OIbGuEa7QrUHoNYNtHyMDaH5HTztrLrB6q3uK8jA4huqNENxS5e8ivqYYUbaFp_9rwZ3v4hUa1kn2uetUNJeaYRn7kLqOMMubrO3nFRqsKH_yonCnHHtyNCI1p69J55FSmP6Ff7iVwcLzRzpl1YtY5YqMMHQa7iC5revIdaV-8b5nGdpXL5goA5pcJP81RgDPxGKDr2CXKcweZqSZW5qxOCW65Vztu0mBORxaVESVoN2FB7q8oJQv7Dk3o4l3vmwyEBPpHtm87-GhwLdr7PVvs2bkXfWy5aJFO6UgCLUOCSLsxx_zyIegqgx_oyzNhc4i28Df8SL7QdWGd85mvxEjVjto9pHJ6Ogw4HWt6nZDQcLns3TkC3PoAWT_FWOeyzeQc02iNFJX-7Vj_vxKI9e0q8vHKhtozA-gBlmb_JVAkKOMRd4ZEe98yBZBgHJmQt4AV64gbs4KlOk57mzsBbC6U0-D9uHXM98Rtc342tv3_NpBanlXEwsDU_x1tGzXij4bM7_sTEwRmMlzO-VOGf8qtBmBQOu_RJwz0M0gQ7UP3CEQ9io1EVQWiD8QjbbtDPpbZI9UpjDLZFQ8ReVctq9TFhk020zlwjyArvy24xXb14QKC5Qfj-uQJo268moAMgrqwa3g69VatG42efnm7vmnxYVv_IVaH1F905l4MhuSpRAzOib8w3oyoplFzaxUI3Vil60PIaH9zB3a-xmhXTAoiQn0T10fizAAghV6w3i34LSHe8Pid-Ccl1i9__69-dX-HmNDBkMI2A2xTa0vVA2rEDG1U4g5ZQ6n7T7N6ZOoaY63moHHmJzmnVoXu-dAfb9petxU2Gu4n1GkAIyCTeBxRdNtIRtDQxLl70663XEFw3huVQkKQhhf2alhL4zkuEaltPuFy8Cas1gLcF86tYvErdzFf9jFuMONuPI5IeBkazpL7ejp0HeUjmNkUWSkhjOFGk5a-s7ZLlsa0FzhCLIMVItR3Sl6cgraR1smUOzSFIPkibg91inE1sk4r_D4iy-ExKf5IYOTNymtQe65EQXYilcsJsfeliRLlXbe8Ue3AYc43XY6G4HMZnaAeqmQGRwBzbWbYMxg&sai=AMfl-YSwh9iXJfP56lvEb4do5aG-D0S9nkWJuVvEi5oiQM6wiOVwekQDSIbOaFig3sTBjxNgaLPzL68LQvOl4HaRA42P0w6v9dgKkV1caamgOjlE7jFuTp3ZlY2QNsU73tDLlIKH-76IOdgAJaj_RrqZaeCnuuyExoxjIBNDOqEwocIGbatm4wYDOMTTcnTKEQYoOcVzX57cceWCbwNGf42lgSDPWSq858LYVStjoqg3DUyZ5yrFbYseSvFvvPzApf6yrGBXU3Y9ZN0&sig=Cg0ArKJSzOT5weNia2CnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=995&vt=11&dtpt=697&dett=3&cstd=295&cisv=r20230124.82079&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A135 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6374d481e64e6af3e7e2627dbef154766409dc3e71284443dd10b401df999228
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5696
x-xss-protection
0
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 448B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2882 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31457fbef7aaf6c5677325feb62f067b6ee265b13085ac1d2e605825276ffcd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5705
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 10B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuSX4Lv62h49SumgiLCc3ByrsI6BLkXKwp65_11AUmDoHCpDFtr0eu867Vx88RQDif9T28o6x2j7h5wuXOO7VxH9wKsZucMd6N8fGmJOJrVQ-b5Q2BnLwdi5baE-dXges6ojCuTHik0H3kIHSaznmXnWRBQRILyoUJLdyjwSmWEdxLsDk-fGRYx4uPaLfnZ0VhHd8-G-LQ_D6DbA25BZk7Gy5wtHePdSn0iBz8tBh_huWUWwKiGWja7dF59Blycmq0nRWTWI4qMqOSs1eWJtpYDVcM4oFed1jLqNPyS7fS_CvrRMBiulPT5SaL21SJNP6wsEXPqT0cKFCkt8qHLHYgVgIsHqzNJjA6RTOsv7wIzrqFIJyJ9YM0XVTJYvHk4gzx4KbB2G0oKWd4hor3zJ6A38m3JQSpRwl1whDgxmWiCy7KGk8QTrI7vvDhxShN5cY2w4yTQ4cDjFT1mICq_ruo9Q2HNeAErxg3A8gSaEDjalay3firNnVQ2IUoijdlpYoCMCUcEtMRj1ue0sAofpzovANUmdt_QQhIKz0UV4yUcWhB88ulDu9xuhYGPFUZMuF0210XXQJu9MwKIKPDDxHVQKxGP6nQPXPOnIkH-X9vJRJr8W7MfydtnBLFAD6485tH0SHcy-imwcYFcJFFO1rdWyp2QbwWVTKWnN82yIUwXBai7r4bYp0Ss1URgVzfjVGcUK7yenSPmY0DwOznbHwBOWueMd43byzGQcs9WotrMeHcpsK6PQmPLYyP3JviMzzL8tMSk6ChGsixBwuimmv0dZz4h2BCSvsjZQSypb1r18Pt506j5y3xV2I_zQsirknQO9LwVdmgo94tI95LACKAmZEmbKILp7LcJeyY1iZJG5UtorJlnx3XFVygbX0B5dyHKizh2sVVvB6ai5aMzVsrQ7ET9MaOs3qpSNRy3PJZz9INla_uqpPAQ166CNc0q9qJdWPMRnePH7_9BOdf0Zkgua3HzmEByrNImeiQI_IammRJaMUwxC2ceXDCbzzo9WZYceJebSaCgzKbG1rsqeKzqmXhw330K095K-yOcVP5Nbu_wuchlPJHcughueAURS9Gz9-6mJDKrGK5zLBDl7GFWOROQ6tYI2pH1-CJyqyMNnKETukb5TYiZG_8xRp-dbBj5RZDvFXlqvkSOAnOwII8eFTNqZsDRukpJtc2RKBPowzOAxw34BWfnB430EO_oXH4-lZKI1nf1w7JXftKj8oMFJzoZlbJPlV6fa7icHUYeehhEks1yYNFN2f7x7ZuzvSm3UZO19qNy6tJN5H0vnwP4E1GyEPiz2DGlQ5c2smgUKMFbg&sai=AMfl-YSVsq46ufIJ11ZD0MB2xcdxNEr__0vqkC5tjAhz9gEmeE1P0SIkqRG7i68l_mPiEMijueMJa7izAMv090z2rvBtLwuF4I9rODbGgWrZqaxhQTzYMzh_JiEvy9CnL40KXPR2CDcM5_Bqf9mokK_Tf-P7wahqovHMFHPh51QvwOKBdz_j1ZjLk1Xi8F4iTUh9t35X-f2UwgI7fKMWa_wZ_jbJ2Kaln4io_vSIAsub7ExATiMhfid93tJomMsELlrPmhoHsZIvxLE&sig=Cg0ArKJSzGLIVeIG_LTYEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1017&vt=11&dtpt=698&dett=3&cstd=316&cisv=r20230124.05098&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
pubads_impl_2023012601.js
securepubads.g.doubleclick.net/gpt/ Frame A911 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 10:14:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102688
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133524
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 09:36:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 29 Jan 2024 10:14:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame A911 		235 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e55afb39855c447bf0795158c649933bd6bd19a472951e873f11c11c44e94a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 8B91 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 18 Jan 2023 01:20:50 GMT
server
nginx
etag
W/"63c74972-162fb"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 31 Jan 2023 14:45:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 60B4 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsti6s7rsR8KQWb1zpWJvl6JRuh3hWN09FwhYO0A-mfqiF0ufpuQrij8yedcRf71-XoVHa9ohnbicwPU-B9dnM9XkIFHyMcZGczpZ9d21kIUXAdynu2vpx8YKMcGb00SvDCB_gwBFw&sai=AMfl-YQwHK4PKKCDTHyVMuAFQesN1a4yjqyyFklu0gUzVhTl6mqpWeBcymrqWiiUSMBmA_lA0vlNbdQgWDJdj2Q2AvzCAG2Qv8Idn1PfZ6q74iknEEQ440QUH5L2dyiZLw&sig=Cg0ArKJSzCWxFd1qraKBEAE&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&id=lidar2&mcvt=1061&p=15,315,365,1285&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=111351918&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675089946995&rpt=778&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 01B6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuM1YPUvjPSevZZNOM0eUZjdQrkgD0CqCNTllxT42keNMkfUCsCmmTZ5LJjyHdGh1WKHzSBs2226GttphqtFe_MGj7EQzENiBm_oKuhC-c8Fy3Dz5JTpXlgfqu3s4iIWym2JlSAhg&sai=AMfl-YQtQwa_Gt_G7GvGBaEFTAlJRqXBD3KurzsSzkbtgMV-4xwDo8LZILkZVLXdxWacSyMJFKMF5UkFeqExCv5-5avaLfAYN1-ISMXSEyfV6PmWipRguFwC8LyReZ_jyg&sig=Cg0ArKJSzNOHM33SYZawEAE&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&id=lidar2&mcvt=1064&p=1,1,1051,301&mtos=1064,1064,1064,1064,1064&tos=1064,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3986781468&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675089947067&rpt=684&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E9F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuM2QvhPouKp5IMcku5ZRRtyl0WFWFYwVHOWoYOphXK849JtEtb35scNXi2I-kav-9lXl5T0JsAwzXOX0jo-eeHgR_qT8YVfHFawxUs2Nd-m3jcR3ucMnuCA3N0xRLLhPFsl9qEaAmnvhT4yeH7QcVRWXVKItF-oNUApiXbIn4mkAtrQ6B07xYL_Lz99nQWCiKAx8awtq_vS4K8QM-LKMlo8e8TWvhZbr2ZvoVALSgESGPC-360S8jR6WCsv3ZIbYWmDtkRQpfrdt0imYg2EjphOMfSBs07xf2B7ZV-w7XhQfTCSSFJHD0QYD_nRoxeAiuY5vpFzut3Wm8YIpXDD_WE4nwgz22a2RpU7UQIRn84Vm3xjN_nRL2c3ZYkAj9nLWoCgscual186j7aXEtTtWVt4POHoUlRyflcRFXtyIbe6Ehkh53mg44bqb9De5sUJoMwf-55C1RqXrEmjVYswEDRKVuo4ahkrw93H51W4OcP88CxGHFnkokCf5VbVHVuYoL_pJ-3vs-46fbs-ImaK_zKv2lTwiOdC6dK9Z96VUzXFMuMljVr7dT35ogRoIfbSqMJ2x-wY7jiGZOG1cTWSx8EEotu4G7yKrCRX1-Yy-jREtNPxrhXDNVxrKNfbI7Nt8HGuSUINqP9iiUD4uzrSWuSUXoT5uODKn0-LnrZ0E4nBj09pcfrkLRacJDjbi7StbgQhW3gUuP7hxDqBzsu-_slKUADONMCKpTxv_L9U6_GXEcvrN3hdnK1sbUMnK-LI1RcUZnT5tX04nVJktdueYUFcjcJA6jOPNx9zBlao-DYoBnx4flC1c1cK5jGdrAdgjXlPimwYzzh5m2fUpdDZ0RGkxspxqyPp0mgpA8Zifoj5m18ys4Vy6c93rOug2HtVbf7-Zf12I5EsO06mbJCL5SsW5fKelH7PSKDj81GQ-BjIqbb7PqU2mu9yjs5YdG0ReEp-CUq671ULLMKwgTIS2O0fmoNE-deCdCqLsuPaCo3VZD8EDvsbBnPdxYOZ93XpSRUV_xi12WUsotCWAW3_uVwixeXcejx-ubxUk6fZAel2WMD2F-MtYZrrBbm6NMw0toemHTgAydiC6b9tO3IHgTzo-I9qUvXXbja5iZDgem4MV08om_gb5XMD4oTlzUv_ce4qZ-rQCjFd1UIVKIpRDCndi-Ig9W30gJK3doODOaBhdsoO-JE0kIzfCWqlRjTKFAvmECmUkNGv5ikR006uk9N4hQpYa54kXjhuaynBzi0pkwomn3HsYCp4vEKBd9XDN65JZsvTKGsPShgDIoDSOGEUtL5AvdpTUBwS6YieHSHGFlqjw&sai=AMfl-YSIWkzlvxuM7i7SOAQO1xyq4e3UX-CILZCRfNxJXWoe1yRveusHHbAiRlM7cIJOBvCLe_xiSnCeRN3aI4mi9iUh3zznDhB8vpoQvzzPSA9ASN-K5mlctpWQj46VBHce40-bopj9eiqBzWsEuaLEdOoRCh4UY2Ii7s9My7VxGhy9nnurylBLPfWL51Hu_TtEIK8JiPFuMZJMiBYCb7CtibWQOc0E3yCHxbR-siQPJxTwY-Na3eepCeocuvA_p12EvDN9lfFYG1g&sig=Cg0ArKJSzFBQ2vLlD3OtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1022&vt=11&dtpt=476&dett=3&cstd=543&cisv=r20230124.70665&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame BBE7 		2 KB
814 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:43:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
163
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
778
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 14:38:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:58:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame BBE7 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4782f83dc6e60cadbba490062676bca4049c00df13c032a1f1e79bd2a6f73c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5845
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C826 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssZkEtDz-QFWpPmQMXs6ueR0pSYCn6Y6ZwODqNg0eHU-LG55Xu6o0JMKC5bmq09pnttnmh83MvdHswHGB66g_vCqR_tEhyr9GqhNXjursSFRHXbDiKHmMgHbTGHjHA-DdIDQntWsf22581o9P1WnA4AIcf7MCYoTCsBUrYl5P_oU_A87jvO7AhDaCSJscO7AjkmPztBwu8aqhJQ0Fm9b8gFsYM-BBq-NYXK98fEt_jzs1jcG5WsMSYDVYagwDnIKZv8lJLmgj-X7VBjwv6zZesH0G9HJ0Sqcp9NNEaDqAi11Bdy3V6yqgz6aOxcErqknVHmRCnsQnS4c3s2R9CPUj1QH1RkyThQMWXR_YAproWazSLhgMD21HBpLhf6JeA1fHocYr7eEDypOP38c6BR5qlK97WfQ4EVkfM29taK4AiLjtNHGQAAmUPnPIasURhcrYMS86EjmGetb4NriWO5zDW47S4yZvRBB30PGQSATc8JRIVxqCTVbkSDVd2ZdC-iRvCRcCNNdhzVcNPZTlUeRQbGfG77Vv0ok-cVyFSV1m75yLzPQJlnrAKmdU8LN377lOQoN-Ya0x8uKbAvksLfHWZmNqF_Db6hge5ZFninhSjLXbOPTPMCnQ3dPIB508FiKlZn3-bvUq42xGn5OvJXP4AldUlVzjTnU7eUXt3aRGiMm0mFvGy1WvYME95gpidx32YAG1Ih-t81SxCGM9UBG1Qrcp43Ugv11Y-_UmyC7mKnE0Ml22zuNL6aqND-fVi09xXtYm4vx7OyXONSilTTtVWjU9skvQoCOc0cMdQeGyI-4Ew4qm8ofwU_c0hlRdTbaCs_kPSXdcSp2mEAyJuE5OqH0HqlIXquYfT_wvOtxydZbBMPvVGLSBAAAs_KCZp8cYo6bxt2_zKo5JdqaVkGpJwxpmLfKyRzHJFXvxzglnu6ZJGKae9dSznrYbCLoFLdF1R3L5mn6tATzyOo0qkIIvvbR6jWg-wL8ciZRNehD2ybXCQZi0x0LMvZjjZjKAo6DPiw6x9wZHAgNG8OJvcaBySIWH5oTKl03MUOx2pQFvcaFQtHNCcyio3sr3mqvdErjpqvahAbv1Jd0H8CGsfHutvRikoeh4WSsHeo7HCftKT0cT4lfQ4_d9QOYUQ7qFPh9FoEb6SWX3FAhbj60rlRih-vhVDcRRx905sAQZ9NoYzmRraOUHlIbwZXW0YTw82C4vP3kIU75PD42D85AxoanQ_yh3w89vymc_uHsvc2ZSGlgQjIHu7YB5QdNVtVhMvAbtl-u0Vx_AJCo6mkQZBrMDjxCBwI7xHij4sLhOboaOHRTO4zd3j2SFBWKXRJxbC0sctggHVSY572PCIJaAqzpCxjoQM1obRUNN1lWwFLtbxilb4svkCRF1GKNhYehrs-xA&sai=AMfl-YSGBCQAtY7NEobXOkNqmXWtp8VzHwqCDIyq5yI7jcAogFt58I_G6B4SZ8UAhLKGvR438BbVjSsz7NoF50e44d3ELPJekkjmU7JZjwrvj81Sd0NS1369Qw86S2P69L3FzcxY3B-RyxEM1RhStGWFfjZYo-_wpJ9sY95BX27K5A0Y8MRabDqybyq8C8V8ru7vwJqDDXxx3OSAe1WfVvTyS0hwB-Y2JB9Z-brAa11vIwQ3beCjCfHGIEZudMAYQ-1p-cYI5kqzrsQ&sig=Cg0ArKJSzMAlB-v6mYLNEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1055&vt=11&dtpt=616&dett=3&cstd=438&cisv=r20230124.24513&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 30 Jan 2023 14:45:48 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C826 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65003d888e2b77ad662dff1e4ea4fdbd851538fbd5957e2a28c3c02638254f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5728
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 905D 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14893cb69c4382715eaf4b5e4732bf7921596d9972dfc3f106b15bc21d2f1ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5662
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A135 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:48 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A599 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunERhmF5ff3QlvjFDTIPVkcPvOZ-EBA7hiLm07JlaEmj5_uz9JwzrY6V6ND85AJ4Bemsg1ppBsjaFLMX3s8AxYAZJYYnfB63lhZKcquSEMBeZWa72sSKCH4ZViRjjw376zSB8C-A&sai=AMfl-YT0Q7lZSFE72_LOetyJJhBlx6d_YuQqamjP39eGZB2mZjlbaz27r0n2jrQcdCXZBVyZxMMFrehj6DfSSD3sgJRLKXkkBzNSeNcdBPMBhpibvDRexCKumwWDbHvPlw&sig=Cg0ArKJSzPZkJMcugUzNEAE&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&id=lidar2&mcvt=1047&p=1,1299,1051,1599&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3986781459&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675089947061&rpt=782&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2882 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:48 GMT
dt
dt.adsafeprotected.com/ Frame 10B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=32928a59-5cc4-c9b6-1caf-59e964cb6329&tv=%7Bc:2Nafu2,pingTime:-10,time:795,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675089948930%7C%7Cbb1c2398dcf6b87a79945c8dd62cfb3e%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C163aaff5c8722b6783d15c22c28e8077%7C%7C65c8bc972f90b7593c8c858fd1361926%7C%7C396825c395b999b0d92dd84379f82707%7C%7C9c9782776e6d5c6c5e50fefdb467fe8a%7C%7Ced1e1f226b3d71546d2d96e9fa181669%7C%7C1663701684%7D
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
server
nginx
x-server-name
dt02.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/ Frame 2882 		651 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/skyblue.png_1650378740125_skyblue.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c60e3aa73627a9fa0a352e64d12c004924052cc0fbe4b45ee08fd831447fef07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
651
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/ Frame 2882 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa2101a8136cc4ea1e6ebf6f6064808dd5018045a821b7061ca6e7462aa68db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 09:12:00 GMT
x-content-type-options
nosniff
age
452029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6716
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 09:12:00 GMT
blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 2882 		91 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 14:57:23 GMT
x-content-type-options
nosniff
age
172106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jan 2024 14:57:23 GMT
icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 2882 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon1.png_1650378740125_icon1.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7071
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 2882 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon2.png_1650378740125_icon2.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5901
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 2882 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon3.png_1650378740125_icon3.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6126
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/ Frame 2882 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41d60face1b293297c046e0486070665b3b27a0225510b272064c31c278e628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 08:04:33 GMT
x-content-type-options
nosniff
age
110476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12016
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 08:04:33 GMT
logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 2882 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/logo2.png_1650378740125_logo2.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=36KaQJPHMJ&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:41 GMT
x-content-type-options
nosniff
age
461948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1701
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BBE7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:49 GMT
outbid
outbid.firstimpression.io/v1/ Frame A911 		169 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-22.zrh50.r.cloudfront.net
Software
/
Resource Hash
e5015b52ef8a203d48701c59421d20063d7b1afa91cc6f67a72089cbefb3428f

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
169
x-amz-cf-id
PwVzPi2kxpTsAVmrjXX2VoZbws8rAEcqx4h_Lw2qBQiTeGVMWNMeeg==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C826 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 905D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:49 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=jXMiUHxlMjJYSElsRC91ZXI5enp6VERzRUxsWlAzU0tqTFJ1bGRaMDl5QlExS2EyZFl6dVBwOHVkQWIwUjZPV2w1b2V6Qi92M1ZFLytKM212YnlPQzZMT1VMTVR2T1FmR3QvSFdTL3NwOVkvNTFpemxRMmJDOG84U2lYVj...
357 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jXMiUHxlMjJYSElsRC91ZXI5enp6VERzRUxsWlAzU0tqTFJ1bGRaMDl5QlExS2EyZFl6dVBwOHVkQWIwUjZPV2w1b2V6Qi92M1ZFLytKM212YnlPQzZMT1VMTVR2T1FmR3QvSFdTL3NwOVkvNTFpemxRMmJDOG84U2lYVjJCSnlhalIzSjRwbi9OT0k0S3FtcTc5UGRQbTRDR3p4NGZCRnVWZC8rVzlObWFvK05LL1BDVVZOZm9adWZlVzhzNkdxQjdyZHdjVGZ3QzFHSFpYRXphVkphSkFSMW1heFdUcDdFZUExOTVKaWpiNzhTbnM4PXw&cppv=2
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c446d2875d9b3774eed93d6ec751fb5b0e5776418b6297b1e085db160f833177
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:48 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1883081
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=jXMiUHxlMjJYSElsRC91ZXI5enp6VERzRUxsWlAzU0tqTFJ1bGRaMDl5QlExS2EyZFl6dVBwOHVkQWIwUjZPV2w1b2V6Qi92M1ZFLytKM212YnlPQzZMT1VMTVR2T1FmR3QvSFdTL3NwOVkvNTFpemxRMmJDOG84U2lYVjJCSnlhalIzSjRwbi9OT0k0S3FtcTc5UGRQbTRDR3p4NGZCRnVWZC8rVzlObWFvK05LL1BDVVZOZm9adWZlVzhzNkdxQjdyZHdjVGZ3QzFHSFpYRXphVkphSkFSMW1heFdUcDdFZUExOTVKaWpiNzhTbnM4PXw&cppv=2
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
552206
content-length
0
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 30 Jan 2023 14:45:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
384184
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 2154 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 30 Jan 2023 14:45:49 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame A73E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.36.181 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-36-181.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 30 Jan 2023 14:45:49 GMT
ETag
"623de86a-cf34"
Expires
Tue, 31 Jan 2023 14:45:51 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 90BB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1137
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
791afe55fbc72ba0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:49 GMT
expires
Mon, 30 Jan 2023 18:45:49 GMT
last-modified
Mon, 25 Jul 2022 19:18:30 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame F758 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481ccb802aabe8d69eb7da4a7a9763f89b2e55f33f63a033aa90b772ea4bfae0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
791afe55bee4bb59-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:49 GMT
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 8C70 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1675089945725
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame AE86 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1675036800000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.106.229 Marseille, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-106-229.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 30 Jan 2023 14:45:49 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
prebid
b1h-euc1.zemanta.com/usersync/ 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h-euc1.zemanta.com/usersync/prebid
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
160x600_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame BBE7 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e76dcbac23f25f1d12dfda4127431cddbb1054b5436f67c48e713a7e0000ae87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:33:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
768
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17782
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 15:40:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:48:01 GMT
skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/ Frame 905D 		651 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6194cee7f9236718ab2531de/original/skyblue.png_1650378740125_skyblue.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c60e3aa73627a9fa0a352e64d12c004924052cc0fbe4b45ee08fd831447fef07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
651
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/ Frame 905D 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182ab5b64d32994b3bbad42/original/Generic_451_2182_0.64.jpeg_1650378740125_Generic_451_2182_0.64.jpeg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daa2101a8136cc4ea1e6ebf6f6064808dd5018045a821b7061ca6e7462aa68db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 09:12:00 GMT
x-content-type-options
nosniff
age
452029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6716
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 09:12:00 GMT
blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 905D 		91 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 14:57:23 GMT
x-content-type-options
nosniff
age
172106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Jan 2024 14:57:23 GMT
icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 905D 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon1.png_1650378740125_icon1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7071
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 905D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon2.png_1650378740125_icon2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5901
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 905D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/icon3.png_1650378740125_icon3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:40 GMT
x-content-type-options
nosniff
age
461949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6126
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:40 GMT
274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/ Frame 905D 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6182601964d3291a07bacf95/original/274x200_TUI-Live-Happy2.png_1650378740125_274x200_TUI-Live-Happy2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b41d60face1b293297c046e0486070665b3b27a0225510b272064c31c278e628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 08:04:33 GMT
x-content-type-options
nosniff
age
110476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12016
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 08:04:33 GMT
logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/ Frame 905D 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea19ad029b463c1ea1005/content/logo2.png_1650378740125_logo2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/adlibUtils-v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=XL7JzKi4rM&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 06:26:41 GMT
x-content-type-options
nosniff
age
461948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1701
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 14:32:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-programmable"
report-to
{"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Jan 2024 06:26:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8F9D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgmOl2X2jMltOazIhy2XpmafM5EOuOhQx3VR9LRNx2axcwWgPVGOkRY3-J4i78rMdTbMwK7HcYESE4Tg3NbNpAFYhAIYpiHJMdqdtVM7COlMSl8nuVF3esU148wua3ftiSPKpwbg&sai=AMfl-YTmAMt3CDMrkB80Gf0pnGt8x8WCHZ7DgxlX0qO_83zar0SVjPrroMgDnj-vnBSwkRPiL0ogQTow3AzHg6Quvhiz6-RSOMYQKBg5sucY0IoxqS1B1tFVA85hys2zgA&sig=Cg0ArKJSzDhPmJBqv8hnEAE&cid=CAQSOwDUE5ym_0RXZso6MQTIITJhKmZzPTdkUQiJ_MFinJR9mhZtQAlZruUy2uatpEFmSSZVGphQH_G8yjmJGAEgEw&id=lidar2&mcvt=1060&p=1102,434,1142,475&mtos=1060,1060,1060,1060,1060&tos=1060,0,0,0,0&v=20230125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1647081971&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675089947071&rpt=818&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame C75B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 6950 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jXMiUHxlMjJYSElsRC91ZXI5enp6VERzRUxsWlAzU0tqTFJ1bGRaMDl5QlExS2EyZFl6dVBwOHVkQWIwUjZPV2w1b2V6Qi92M1ZFLytKM212YnlPQzZMT1VMTVR2T1FmR3QvSFdTL3NwOVkvNTFpemxRMmJDOG84U2lYVjJCSnlhalIzSjRwbi9OT0k0S3FtcTc5UGRQbTRDR3p4NGZCRnVWZC8rVzlObWFvK05LL1BDVVZOZm9adWZlVzhzNkdxQjdyZHdjVGZ3QzFHSFpYRXphVkphSkFSMW1heFdUcDdFZUExOTVKaWpiNzhTbnM4PXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 30 Jan 2023 14:45:48 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
443248
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 8382 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame B5A6 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 6E71 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
integrator.js
adservice.google.de/adsid/ Frame A911 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A911 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A911 		125 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3883542085896430&correlator=3759899917793445&eid=31071679%2C31071972&output=ldjh&gdfp_req=1&vrg=2023012601&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A114914)_(wf%3A21935)_(b%3A101156)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=1&adks=2365663265&sfv=1-0-40&prev_scp=fi_group%3DG0%26fi_group_keys%3D%255Bobject%2520Object%255D&eri=5&sc=1&cookie=ID%3D08615cfad064c080%3AT%3D1675089945%3AS%3DALNI_MYNHxB9eHZVBxUfaiDBGAzvywnV3A&gpic=UID%3D00000bacf427177d%3AT%3D1675089945%3ART%3D1675089945%3AS%3DALNI_MayyUWYF9nxSVYzft6uscqGHX2_Jg&abxe=1&dt=1675089949241&dlt=1675089948231&idt=768&adxs=985&adys=4227&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=dyuok2qmbl59&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&frm=23&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1296710250.1675089945&ga_sid=1675089949&ga_hid=849796080&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a325393d998f06cd61565d05e1fa93ef4e9444131e4ddf05be4b3893b3f793a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15910
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A911 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1500d5a98b14bbdd40f36b77baeee36e3a87bf05a9dac913e132069f06d542bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11302
x-xss-protection
0
container.html
fe57972bc97691b997752e012384b7bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E57F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fe57972bc97691b997752e012384b7bd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:49 GMT
expires
Tue, 30 Jan 2024 14:45:49 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame AE86 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.47.106.229 Marseille, France, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-47-106-229.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
315a6bd7949f170f0dd2a582e446883c441be83db484996676c4b6a83e5f5e68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Jan 2023 08:01:10 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=62058
Connection
keep-alive
Content-Length
10034
Expires
Tue, 31 Jan 2023 08:00:07 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A522 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1477db3b687f95253ed12d51fe248a1db9f97f5565feb9eac9e7ea475dcdb3af

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
791afe570f042c2b-FRA
content-encoding
br
content-type
text/html
date
Mon, 30 Jan 2023 14:45:49 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGLESgv1MVALuenSxxf4dbpBmeAt9WmR%2Bkizf%2FwTZH%2BLLyGY12RsWwOAGy7grT1UsIOLUdw%2Bu2W4OeyNpiLfa5eixMXskHTwNEB8LzE%2FUBfvtYOZAKFDX%2Bu%2BgoQRHJWOB7h3JFEb4AX81A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame F758 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
921752
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
791afe573a24bb59-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
dt
dt.adsafeprotected.com/ Frame 8F9D 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=f616c83a-81b3-0835-13af-6914cbc575af&tv=%7Bc:2NafAf,pingTime:-10,time:1445,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675089948930%7C%7Cbb1c2398dcf6b87a79945c8dd62cfb3e%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C163aaff5c8722b6783d15c22c28e8077%7C%7C65c8bc972f90b7593c8c858fd1361926%7C%7C396825c395b999b0d92dd84379f82707%7C%7C9c9782776e6d5c6c5e50fefdb467fe8a%7C%7Ced1e1f226b3d71546d2d96e9fa181669%7C%7C1663701684,sca:%7Bspg:32928a59-5cc4-c9b6-1caf-59e964cb6329%7D%7D
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
async_usersync
ib.adnxs.com/ Frame A73E 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:49 GMT
AN-X-Request-Uuid
399878b3-be85-4cf1-8013-1a5aa9fefe0d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame BBE7 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:32:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
808
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1840
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 11:00:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:47:21 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame BBE7 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:59:07 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame BBE7 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/160x600_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:37:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:52:39 GMT
NH_D_AP_India-Scarf_160x600.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame BBE7 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_AP_India-Scarf_160x600.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717fd7b2ffed856269e7a8c97cb355e144652f3fe46ce26bbddc44aa5a5a9e2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:43:30 GMT
x-content-type-options
nosniff
age
139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67794
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 08:31:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:58:30 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame BBE7 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/14981401267596077774/index.html?e=69&leftOffset=0&topOffset=0&c=7LDlaRc0cS&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:36:10 GMT
x-content-type-options
nosniff
age
579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 30 Jan 2023 14:51:10 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A911 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D3D2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOcD3G9jXY8ibHfuH9u8PtbOOsAsAAAAAOAHgBAI&bg=!Li2lLWnNAAZSrDxfcqw7ACkAdvg8WiRwOYQV2DHhiw4dq28j4ThuwQw6SbwQfTCEh3gT879hseRN5AIAAAIJUgAAAAJoAQcKAC_dNUovdztXa-O79oWzp17xbGMh2Bu2_r21gbZ9vTqnTSKQMzGd0YPJevepVnlCVZkC4JQl0VQmi4O-3BJ1dhguFf5bu0a8X1BXb7QjAXc_KmwMbfehn2wgxcxOoSzARpwoowaqalwckmCj4EqoznmQg85xf_RUoawUoJTdEJuWTW416qh4FF9MDEa8F142uG-H5k6XSorjXewBNj4dBVgKS7nST0PwnsWeXDOEnj4eXMGQyV6lghA__SJWBfN69RyAtttRfXYOa7AN1Jsdk0RjS6-T-KCGzdGQlv9gwjfUTOrdN7MGiYVWlyZGb7OEaSORivlv6fBPhn62nFEbgJYNtVNfzCkYdSr7yLm9wc5eO6FonWLSdkuQZTQFHq3SW54caqZV91XFXHAlnd-y_DWjlu2Ui2HJr67xnKN8pq4DJ-ZAmh5f5FkGUQtq8OvQPUYTaBr_ttoHKlAy4lpwS5S3ZsmZTnw1FOq5ffr1fNMkGUCg4Nn0wxcr3EoLqlNpEfjuaL-wKH5h_-ElpYSN2LyDy7OXHDKAeaMV6FWuzA1euvMOPUBkqRIQMT_fwBWkOP4336U3JuTYmSfzDMSs63OQe2pUy0mtS_Y9kYZfz8i6-9c3BJw0taQm3afK8noapawRyY0RZm_it0Wyxqf_D1CsiQII5GOsCX5yEIGKuFJe0YSpiZcHKHClL0Z_88F0AXmR4DYXiBmFEH17aR5xnAZKuXW1rqGhSp-yHS-gE36PjCPj8XFEEJxhKsKg3huuTBQUpKPRs2ZYfQWxEWMtTfR2qGtqiILSQVzjnIjH4OFL8dMmZtxyg-im27VJRqhg-PJa7awD0lIrWS-KFBAUAgYMGUP2MHniL0HzwPwJTLvmrUeMPNDyWAhW43BUk6vP76Dc5-6lsetR7FirlEP913wEgwrpPM8zg7Nilt5di1eR0qDtaS47l0eOrLE8NrjFdmuitJ5Dl2x0kFAS_qC0TYxY40O7jvhVLVeszIkrrol07FNKUX9BXZHlnIdLcCRr0RP94Nzn1VnwN1X6_tkmFrPU0iI
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame E9F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e3ebd3d7-a203-0d8a-232e-9fa3dbe27979&tv=%7Bc:2NafET,time:1350,type:e,im:%7Bpci:%7Btdr:579%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1350,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:24,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1343~0%5D,as:%5B192~0.0,1151~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:436,fm:tur0Icm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f.925113%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1h2%7C1h3%7C1i.886862-62195781%7C1i1%7C1i2%7C1i3%7C1i4%7C1j1%7C1j2%7C1j3%7C1k*.886862-62195781%7C1k1%7C1k2%7C1l,idMap:1k*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:25,sis:509%7D&br=c
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
nginx
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
rubicon
match.adsrvr.org/track/cmf/ Frame AE86 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame AE86
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TERJWEFYVjMtVS1KRDNE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AE86
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDijRcZeAsbW5Gk2UAUfZw&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDijRcZeAsbW5Gk2UAUfZw&google_cver=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENDijRcZeAsbW5Gk2UAUfZw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AE86
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTdlNzEwMWQ2MDdiMDYxMTNiMGQ0YmJhZTNlYjAyOTkwZGE2MjZiMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTdlNzEwMWQ2MDdiMDYxMTNiMGQ0YmJhZTNlYjAyOTkwZGE2MjZiMQ
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTdlNzEwMWQ2MDdiMDYxMTNiMGQ0YmJhZTNlYjAyOTkwZGE2MjZiMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame AE86
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIXAXV3-U-JD3D
0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIXAXV3-U-JD3D
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 66BB66F971F0420DB7EB6B86797D3B20 Ref B: FRAEDGE1211 Ref C: 2023-01-30T14:45:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXzfEVtmQMcvYUmS1r5oQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LDIXAXV3-U-JD3D
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AE86
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Tq8ii7amWXy9Jq4oujCcUw?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QrlEhapE2oL3Ba7NKNgmBXANsrr2Z72dCrXQhw--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QrlEhapE2oL3Ba7NKNgmBXANsrr2Z72dCrXQhw--~A
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 30 Jan 2023 14:45:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-QrlEhapE2oL3Ba7NKNgmBXANsrr2Z72dCrXQhw--~A
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AE86
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=FhXrYo7fQRCmBzhNKe4qsA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FhXrYo7fQRCmBzhNKe4qsA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FhXrYo7fQRCmBzhNKe4qsA
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Server
67.220.226.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M16975XNSVJYNB54XG64
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=FhXrYo7fQRCmBzhNKe4qsA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame AE86
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=07nLgFNhQtGNfxxHd_E7aw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=07nLgFNhQtGNfxxHd_E7aw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=07nLgFNhQtGNfxxHd_E7aw
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P2SW5XKJD130W10WAYQQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=07nLgFNhQtGNfxxHd_E7aw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
tracking1.firstimpression.io/habit/ Frame A911 		2 B
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tracking1.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.153.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-153-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
access-control-request-method
*
access-control-allow-methods
OPTIONS, GET, POST
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
2
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B91 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuF71G9jXY-_lKa7O7_UPxZG2qAgAAAAAOAHgBAI&bg=!-vml-b3NAAZSrDxfcqw7ACkAdvg8WpHcBYcsuU-tJUddWNuZWU-0SPKW-6mTU1JuL14eHecy0ZIDQAIAAAJaUgAAAAJoAQcKAGmKbTbogDAOtATFGPvX18cOAo7xp8aEjd23f6HZYJySzuwZg0NEqZfgtUgzms-2NPeAXT1CScB00QuJRZY-FhgnE4vPL_73w837m6vURyWsTQQOsQEgC2VcGCMLPJ9Mw4c6YKzclRiJcuaZAuznXQc8eEIVap8RDB9e51cW1zrQosUD3y4rhka3ik7G7_HZkHfIjd8xnntPNlO8f26yI0iax8TRCMO_JJ0q7icoYmuXr2JbVlZOqQ_xf2J28voheH4jtXsLkKtIEQc3R_3VViqgex392LyjxO-vbDy2j4iAYVN7lQYzE_85VH8kErs09l_ABoPVRnYRr-dBlLJzG2v-biKcfkrhu-IwnqZQO-KdykJCbujPFbAmAvqeJ6Jl0SqtQ7wNBb-81X-AkFlQcL20sKKAKGU9BW1nP81WviN_GLhM8uKVOpsIGmp8RCKtPzXSwyQfafr94wt0Jhs5NrgC7M6rrYwXaf6ZgkDdNpaC4ZjQrCKnvFpAqLtFHfBNmi5roFHnmcd-AFf6y0vvJjUF-TNpO9k2GVd8Z7nPcg2JkfYUr4zjEdAEoPqKHb4Jca7MW0MNjgxSa-XKNUbmMjceZPEhBihhRXNKzLbfERrS29J4zi_C4AzY2WewHSr1zg--P8moysrXvcMNRCiB0xiRla6KR-AssHzTVXcZZUpS-G7lDk9I222-CTh4bq_ZThc8emvDyyR5st9bxLX6yQrYfUb9iqhHhOmyqivTOXUDARaqxPdu91sFYtLS5csvBaTqAxOkdQZj1xhX90FP9FNjHfSwc18zYf4tVMbqhLNpOkn61gp1i0KjwpCBlJ-3okPUgxcjz8HOiNvQCfGBS3PR52hZJO_imv-spUyviqwbc6oQXBpMHcSsnpxM8UJJH5agvRx95qoS_6_7yQD0oMquh08Sdg-iEUyYkN84DjEpqWOwmK4Xmkf4urUGoWuS-o7xhcc7crJEEA6v00gdPdactHR-D6HNoJhPb9tdwvYRlxSnK8NWc9NvpXG8K3THNEFIBrptJizokEU6cvIzcDAZEuHiNPDIdYYg8Kudig08H5GVEB0XjjyCnwHmyOigGyuamNbs3qVxubb9gf_tBfDBh6Lv3CFl1RVECAejekAVkXwoMEiQRYFP
Requested by
Host: 3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
URL: https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BAC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1H6-G9jXY5SrKPCVjuwP_u6R6A0AAAAAOAHgBAI&bg=!0tGl0ZXNAAZSrDxfcqw7ACkAdvg8WpKeTE86tKkaooNt9sYH14iPND0oscIDMsrK2tTZGy8LOlRBSQIAAAKuUgAAAANoAQeZAvr--rzfX5U7YMepASGrpwIfoKREL4XbrlRLRXjCxsHi5LdLX8O4_jqRUevCnCTqkWYtqNa39WrTD3J8lyj0tf0kbyo1jyDqDZdNQe1c68FNb2EMZUxuwZUtqXBrr-HYKnpAziJ1qvygzHNHt1YL0SsN-lBkdASeAnst0pdHzaqwG5EFNIeYskeYWWkQE97gF8MIMMETwC2DFvMPw9-R18ykWCDmAe5GQfjIGxBqH0rIyIsOKa2BgqUQoxWxkl3zFBBeBvls460Tij3xGV9trx5XP_iLeiA_PPxbzZ30KxX-bZVkixeyYFIFrQVchWXAhn13gS_TBV3PiWO4_Pbs_lnLfYLz1AqbPSDoDLkyShJcNs6je84QZrlCdD5ZPOG1XaWbicfRBrpylNWFjVS9Zye3dja23O4EV8tKqW-3R_uYAPBbFEDMl1LmfTgMpI7WsL2wHrsDRLU3jgh-6LSbNR-vUKtHfUOVeWLeagMV87jXL5WrsTt3nF9DuphTPKS-XX5ke7mS7v5UvXYVEBsgDIyIHqI_0NcYhYazo98qxMziGbZPxTA8B12i9KCM9GESseh6TwCvUI6qvOTbsFOVwB67mLvNLTCe35w4jNIsfIcdRPBnElmpxoy2cpNS595gVuDE7rArLzgI_b2nZW_9R4yKsGqwWxNUSOuMrRtLB5DvbrRQiUoaTzfruydsKbb8pRsUnEU639sKnF7bNH0KzmDLy6pXPCDem8CmGYUZhth6xCe98WaiVa2PqvaiglAEnACwApKFCWzo9DrXX90O0msWbgO4kaDfXi5X9ZfC4mliN9BpFEt_yp6AJUAIGb3vTAIHQNoi27EXEDe6Wer4TuVZw3r6i1GEPEvAxJ__QDMLRzanqnYjc_zwue8yRgC7amggU8xEftapi0ZlnufQcKDkFH-WNkkW-4JDokfFVFrzeR1zTq09QXK7WLG_wOQ06GF5dLxVLh7-7MJMwqQXi1OD_QjpYjimZFxKMBD7v_iaqxxpD4GU_9E8edQ
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A522
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XEYTCYC647GSV0GNA76T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CGY8M42WXXY6MD72GYRV
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A522 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame A522
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1
43 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ%2B9G6OiE9lZR5Cx1Lgl%2F6F8X4bkM8YaX%2F6iXKidh9RpGPPoIwD0%2BwB7zldjOe7rWxVMz%2FhMMYMex7NGFd%2FaVwPnC97A8qlWf8bPNMkJAPAW%2BhdFUIrXsDTNtfDJBcaC6gR0y4A%2BL5talg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
791afe5aaec42c2b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEGrdwRoBYVRfN6HwGZVauso&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A522
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=527108006124877884
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=527108006124877884
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Mon, 30 Jan 2023 14:45:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
6efe2672-0659-4482-b39e-6b566242dcf6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=527108006124877884
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A522
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690728350&external_user_id=f9add9ae-2ec5-4b19-88d6-2796e9646169
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690728350&external_user_id=f9add9ae-2ec5-4b19-88d6-2796e9646169
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Mon, 30 Jan 2023 14:45:50 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1690728350&external_user_id=f9add9ae-2ec5-4b19-88d6-2796e9646169
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
bridge
cm.adgrx.com/ Frame A522 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
ix
ad4m.at/ad/sim/ Frame A522 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A522 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y9fYG5mHyrRfcWkg8lNCDgAADLYAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:d10d:341f:58cf:383f Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
htw-pixel.gif
cdn.indexww.com/ht/ Frame A522 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y9fYG5mHyrRfcWkg8lNCDgAA%263254
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:50 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
54529
etag
"902a3d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
791afe5bd88b912a-FRA
content-length
43
expires
Tue, 31 Jan 2023 14:45:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0971 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BSnWtG9jXY5nQKcz1-gadnq6gCAAAAAA4AeAEAg&bg=!jo2ljcnNAAZSrDxfcqw7ACkAdvg8Ws7xlL6G2RYFM55VXwedOJ0xUm3bDOaGkNZfBQGdINlvssN1NAIAAAKtUgAAAANoAQeZAuYkOjBLMm97WRoIvze8dNR0R4BUJ8MErTybRS6S4UUwhZxHjQ40yTAHsfSyyDxNiAeuSZ5AtgINS4DysHnOtoMp-V_vwKwdV5rhWXfa2L4x-4qS9qskVhE6yZud1W0aq-R9awPgSQiZ7-w4eDDjurhH5GjOq0GN5PfJKUVz6FnmigyQ6ZAYxtpA7Lys_axpu25w2whPy3PZBdlu5kIqx1h5IJa4nSIjuzzwheq8Led-Se276S8xa42yMECjlz-n4Yv9dcgETZPYTWrvlwaiWT-LCwor5vrG5W3Qs0fL6mu_uG4z0eMxQuBNM0GzQUWdqylxav8YLUO1mmN1mDM_vYOqy00rqcA5BEr-WUy1GFVkrSPfP8NcHvxZHbmtjJDYl0ctQzO3PczAwbGYQu6VAKsQmGXamDT8fq4uZhUCmG4pfBIf3WzwgfAno8ateWu6i5OsKeMph2UC_l39kq-nwMYqd6xU3tiREvJD7qZsFcVbtixpPqddvEx6Sisvv758RWjdVYLYCCiFddALM-rX16hkFO3Uq6xeRPxUvrc229Hr0C9lbyfjSV2GI0PHoav1G5vxLft9p8fhiNwsnl2s28AyWLuppa_MU1JWKkYUIUS3x9U26Gb6EPLAV8yv1TVZpHg8JzV67hTxufkhliRO6n6Yfc4M6PC1v1GHqSEeqSnkMfweDSD_LliHHgd7D3tfdOK6k8n79A7aMd0QTj0dSVpyJ3jOpEac-HxrLd1oOTT5is8ppwNM_t-0dwjGJXFmAek_JDm--CMrk4qMHVgD1Z7C3Wo-9kzAEsRolYsbqNh7KiQrmJRPdJ_LNSvlwEiOdQ--hOKTdJRWoarGknuL5ugmdW-Y16zBbQu2XAiEVs-fbSMFQZGegRTP0aw5HWFAz-GAmeTXRMVEacxUcQMYZY_u5scvcLUrDvbVv1pNMgvQ5UTNQ32bt89SDff1_5VrkTnxHKCAufBhMTe7dnCl0lhmBL6rS4f5
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 448B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bm5ovG9jXY8LWKauM9u8Pts-c8AQAAAAAOAHgBAI&bg=!MDOlM3fNAAZSrDxfcqw7ACkAdvg8WnXCEz6UzlSUrKRQKlor5IC34nXbsmBhfy7b-jqvoe9F51rxuAIAAAKfUgAAAANoAQeZAuM5w3KKcNNRxt3z4IBJysFNedKjgjuvnCyZvmlsBKoSagJfri5q0345KiQzi2U2qxHO8XLmA4_1qqnge9DKiBUiuqmkkWota2OWghuJxjRAMarwIsF7loasB1kjH6QrLhzrRfc7FxHBxl3LF00RChnMyvmccSudP-9tKVHKxSMkHNBRD-6jwIvSdeTKwj4NKvecJ2obAwdc2U4YKS0YJXhRgLGQCz2RGCQDI_TxcL_FCdBj7sEAINzr9kvdfAzdES89xLblypqpI6VFkhqi6wRI_TTJ8BgJMDmf2222q4u3tkfzvNKEPaAikHLarHdiFehHSl3SQCxV4ZdWgm8mN0SogpKFVV-BVIMQ4pl8-3aVzRt4JYfdbnDBuCBMjN6BWWeboTS21yVatlAM584CdkVx5HbGFHTXBgr_41nKkJYlT7wLMJGZ2gwWrHAO-zPgUi4aUhfWBiazrFdzkJUrIqWf1Bo6tw0rJoDanNMSgcNUNGmEP_mrjlSjxE0oR4QyFYsWE4i1cdM4d31KJLRWORR0vgeUzUAzFklJAMA51pLF31FsGx1Ay1yhTPldLRZ8CdcTeNamlxCEj-EdwcAGr6sYvrXyKXuFVVfqsDMSgyDYAbNHKHMmZVnYGLU6IXnt5jhU6nx5HppDcGg8_FDGFJVtQ6RESHrclDdJTWzqrD0VMvkBoa8IA-trF8dFgHfrOCKe4qBI4rAnAnYHM6PqQ3EKR1De3MKP-kWvSlQzK4Jk7dQtdxf-gaGOGz_lwFYBYY7t9CeGL8ygRIk1nKnnjAI5yqvIK9KtT-GhrT4PKI8U-ALeKCW7k6xtiQia8QssAzRiE3cKDvPLjWA6wo4Ftmlv6_3wQYOrEwz6twtKA377xop25HIrXa2otw2X6-Wm3JPni7sniqDiUIxCZsKMhql_6xw-ckXHJ6gv4RqUgIJn5hI4e1P35Tg4-dpGWKHlkm0-h5VkqR8IjBI6ocNvpAR3TYe-
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 10B6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=32928a59-5cc4-c9b6-1caf-59e964cb6329&tv=%7Bc:2NafIv,time:1692,type:e,im:%7Bpci:%7Btdr:1045%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:1692,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:21,wc:0.0.1600.1200,ac:NaN.NaN.320.50,am:sp,cc:0.0.320.50,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1686~0%5D,as:%5B1686~320.50%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:230,fm:tur0Icm+11%7C12%7C13%7C14%7C15%7C16%7C171%7C1721%7C173%7C18%7C191%7C192%7C1931%7C1a1%7C1a2%7C1a3%7C1b1%7C1c1%7C1c2%7C1d1%7C1d2%7C1e1%7C1e2%7C1f.925113%7C1f1%7C1f2%7C1f3%7C1g%7C1h1%7C1i*.886862-62195781%7C1i1%7C1i2%7C1i3%7C1j1%7C1j2%7C1j3%7C1k.886862-62195781%7C1k1,idMap:1i*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:22,sis:582%7D&br=c
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame A135 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5984981385024&version=m202209210101&ct=76&x=1&cor=770689035717638400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9381 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:26:53 GMT
expires
Tue, 30 Jan 2024 14:26:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6FC8 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dccbb81212d20c261243940e8051e3dcac56545da1dd89a590eb206a8ec42df6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tj8zvU-3BsXiXYjKtS0pYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-tj8zvU-3BsXiXYjKtS0pYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:50 GMT
expires
Mon, 30 Jan 2023 14:45:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
drop_cookie_sw.php
csync.smilewanted.com/ Frame 38A8 		0
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
791afe5bdbd4bb59-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:50 GMT
server
cloudflare
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame C826 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7109537065992&version=m202209210101&ct=76&x=1&cor=7245488825463465000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame E9F4 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=e3ebd3d7-a203-0d8a-232e-9fa3dbe27979&tv=%7Bc:2NafJW,pingTime:-10,time:1663,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC4xMTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1675089948930%7C%7Cbb1c2398dcf6b87a79945c8dd62cfb3e%7C%7C2e8a6538fa2d69b650a00d23a95123ee%7C%7C163aaff5c8722b6783d15c22c28e8077%7C%7C65c8bc972f90b7593c8c858fd1361926%7C%7C396825c395b999b0d92dd84379f82707%7C%7C9c9782776e6d5c6c5e50fefdb467fe8a%7C%7Ced1e1f226b3d71546d2d96e9fa181669%7C%7C1663701684,sca:%7Bspg:32928a59-5cc4-c9b6-1caf-59e964cb6329%7D%7D
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
server
nginx
x-server-name
dt22.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
ap.lijit.com/ Frame 251A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 30 Jan 2023 14:45:50 GMT
X-Sovrn-Pod
ad_ap2ams1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 10B6 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3767782780687&version=m202209210101&ct=76&x=1&cor=14190400931800054000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F9D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7044248949425&version=m202209210101&ct=76&x=1&cor=11858779131684209000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
493534cdcae3e7de53d840b82d9f5cfa
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame B78B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/493534cdcae3e7de53d840b82d9f5cfa?gdpr_consent=&gdpr=0
0
433 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/493534cdcae3e7de53d840b82d9f5cfa?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
791afe5cfe3dbb59-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 30 Jan 2023 14:45:50 GMT
Expires
Mon, 30 Jan 2023 14:45:50 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/493534cdcae3e7de53d840b82d9f5cfa?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1675089950164068-514
v1
match.sharethrough.com/universal/ Frame 5A7F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.128.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-128-123.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 30 Jan 2023 14:45:50 GMT
smw888.gif
us.ck-ie.com/ Frame B0EC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 30 Jan 2023 14:45:50 GMT
Server
nginx
OhahF6rPb4SeAIS3Up6b
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame C592
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/OhahF6rPb4SeAIS3Up6b?pi=smilewanted&tc=1
0
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/OhahF6rPb4SeAIS3Up6b?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
791afe5c9d78bb59-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 30 Jan 2023 14:45:50 GMT Mon, 30 Jan 2023 14:45:50 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/OhahF6rPb4SeAIS3Up6b?pi=smilewanted&tc=1
pragma
no-cache
sodar
pagead2.googlesyndication.com/pagead/ Frame 6FC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=3883542085896430&rc=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame 9381 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
setuid
ib.adnxs.com/prebid/ Frame A4EA
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=78720388ab838806413dad0039e148e2
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=78720388ab838806413dad0039e148e2
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

AN-X-Request-Uuid
9f422d1e-a1e5-42b1-afb2-2fad66961e7c
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 30 Jan 2023 14:45:50 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
791afe5c7d38bb59-FRA
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:50 GMT
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=78720388ab838806413dad0039e148e2
server
cloudflare
connectmyusers.php
cdn.connectad.io/ Frame EE1E 		1 KB
874 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3011
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
HIT
cf-ray
791afe5ced249bce-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:50 GMT
last-modified
Mon, 30 Jan 2023 13:55:39 GMT
server
cloudflare
vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame 9381 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lhnPxw
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
getuid
sync.smartadserver.com/ Frame 1777
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.106 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Mon, 30 Jan 2023 14:45:49 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Mon, 30 Jan 2023 14:45:49 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
1
sync-eu.connectad.io/syncer/ Frame 93A7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
791afe5d4dca9bce-FRA
date
Mon, 30 Jan 2023 14:45:50 GMT
server
cloudflare
38e9d187-6efa-426a-834d-f16dbb80efa3&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 969A
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/38e9d187-6efa-426a-834d-f16dbb80efa3&partner_id=1010
0
523 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/38e9d187-6efa-426a-834d-f16dbb80efa3&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
791afe5f3b03bb59-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 30 Jan 2023 14:45:50 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 30 Jan 2023 14:45:50 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/38e9d187-6efa-426a-834d-f16dbb80efa3&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.php
pixel.rubiconproject.com/exchange/ Frame B252 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
async_usersync
ib.adnxs.com/ Frame A73E 		0
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 30 Jan 2023 14:45:50 GMT
AN-X-Request-Uuid
6dba5af9-f478-499e-b8c1-7ec9e730939c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
80.255.10.202; 80.255.10.202; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77270d6e6d4c6e447646867f404f92cbc76537c234cbfbb3c62e90ffbcf1111a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11266
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 2F2B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.zahav.ru
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:50 GMT
server
Kestrel
server-processing-duration-in-ticks
540307
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 2F2B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zahav.ru&sn=ChromeSyncframe&so=3&topUrl=www.zahav.ru&bundle=H1OwB182JTJGWHBBVGZBemNlTVhsbHVXNWYlMkJHY2JsYk1kMHFkS05YSlB6emtHdEdCM29nNkUxdU...
  • https://mug.criteo.com/sid?cpp=1TWl0HxYWXliSHo4TlpVLzhwNGNuOFRmbzB0b0Rid2lmQytNejRKRmZuQ3pmdHFiY3JWNUZmUmpQRUxxVUc1VU1iTC90SHZmeTBRT1BiZEk2Z0pOckRvUytqWEpFWFFOc0lTNU1VV29WMHpsK1I2RjhtMVp1cDJTOFFJTE...
433 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=1TWl0HxYWXliSHo4TlpVLzhwNGNuOFRmbzB0b0Rid2lmQytNejRKRmZuQ3pmdHFiY3JWNUZmUmpQRUxxVUc1VU1iTC90SHZmeTBRT1BiZEk2Z0pOckRvUytqWEpFWFFOc0lTNU1VV29WMHpsK1I2RjhtMVp1cDJTOFFJTEkzWnZNME9CWWYwSEdiY29CVFloeDNIbkNWMk9nY3hHTnZrcnZWb2I5MkVkWHo0ZTZJOUhSODV6dDFyb00veWNBVmIvQ2ttMFNYR3Z0UzEzNDlGbFRBVFE2Y1U2SVZOaU0zM1dGbkcwa1hvUWRHVGhBTUF5TTNoMWF4ZXlBMi9hN3pXc0ZRSVFzMElDVk94YnJsZ1ZlSVVWZGRQTGdwdz09fA&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
447966c3619f06d06c5c9d70ed808c04b4650f5090066b2e798a5f5accd8d561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
19270345
expires
0

Redirect headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=1TWl0HxYWXliSHo4TlpVLzhwNGNuOFRmbzB0b0Rid2lmQytNejRKRmZuQ3pmdHFiY3JWNUZmUmpQRUxxVUc1VU1iTC90SHZmeTBRT1BiZEk2Z0pOckRvUytqWEpFWFFOc0lTNU1VV29WMHpsK1I2RjhtMVp1cDJTOFFJTEkzWnZNME9CWWYwSEdiY29CVFloeDNIbkNWMk9nY3hHTnZrcnZWb2I5MkVkWHo0ZTZJOUhSODV6dDFyb00veWNBVmIvQ2ttMFNYR3Z0UzEzNDlGbFRBVFE2Y1U2SVZOaU0zM1dGbkcwa1hvUWRHVGhBTUF5TTNoMWF4ZXlBMi9hN3pXc0ZRSVFzMElDVk94YnJsZ1ZlSVVWZGRQTGdwdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
873059
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 30 Jan 2023 14:45:50 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CA75 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1137
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:26:53 GMT
expires
Tue, 30 Jan 2024 14:26:53 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C77E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
39ea6260997f7c990c90b16191a8c6f6acf9c805f59b53bf18ad494ff7fb1c5c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CLhBYJeaIuRh1XcobVVMYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-CLhBYJeaIuRh1XcobVVMYQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 30 Jan 2023 14:45:50 GMT
expires
Mon, 30 Jan 2023 14:45:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame C77E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012501&jk=1865094716149427&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
pagead2.googlesyndication.com/bg/ Frame CA75 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/V3SsRWZOfA-pKEWNVYsb3GaVjAUiaK0X1iPK6a1PXlU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 21:05:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
63610
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14206
x-xss-protection
0
last-modified
Thu, 19 Jan 2023 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 29 Jan 2024 21:05:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9F4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5062564430351&version=m202209210101&ct=76&x=1&cor=4822338309419823000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 30 Jan 2023 14:45:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A911 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=3883542085896430&bg=!IiGlIWXNAAZSrDxfcqw7ACkAdvg8WvPUE36p8BdNTVOEq2fXVpoq4a2zDXlaUOtlL0uWV7r2r82M8AIAAAByUgAAAAJoAQcKAMaQvG2RnVU2zdbWTYGU3fBz5G9pBoBgTUj3G_oHRYHW9AOt7TE2kAFpclsYo06c0NkY4oNju_H0WTgTpEf7x0Y3sTR_lsvHBfWZRo3ZgNQxVcJeyjA5Rx_nNNNNUV1ehPD3xBwZL4aoqRmdzUt7OUG_MJcjor_Ao2C53WXIUCoTSETwlxWPQsP4Mrg4NLtLDibFiwq4wODK5J572IbOiEolECjPtTsYDzSCDxAvFNaq9zb0-zlF3Yicwdx4fVgIXavgcnjWHnuZAsedgb0tc3ezOmt_iGobJGV8z9HZ2OSdL630wdS5OQu8IeyET8gxRxP4GF-OfYa24671mcvanhj4a4aL6m3EPWXPKZD3J58wJd-MhwjCO5EaFcnpsmQjBRyIyNrzBRi2eB_YYN9_w6djjRNQ7agEsDRj9Jke_WuyKi5v20cvoxVY8Ue4uCOzCtwrufRxtzqC8925e2YuawU_fXDe6No15fUlxAs656BnvYNQFzV80iaZFuSweIRFPrZL7CEHegU2UcIG7G69HPlWrsxjm9lIEik96st8bQiWKxwvM-D1mImSuQmIJb2IW-rWD-ScNlZ0V5zyDsvSYeWfXBjFFDSLxLG7Ic8aEI50OtHxYiEFxF3EWCvQKTZ7aUiEO4s8gKKHtr6Dw2ogpnPfztTPreuP5abYE243NcU1zz_QvK6wf9894IESsop2y8pHSQ6M8scsVJiPsE1K3tA1STjuJ-sNqgKPVbyymDk5G9kRxRWLjLz6zzzTyfD3PyNf-uqIfmToKoV_i-KoXxglvvVWf97A0lR6pXKNVZloKJz-TNq-ZSe2a_ZmqHq0sqE6xtHEYkQaMdHlwAGfEfnWAIv3CY6p2TALT0MYisif8s1iGknhNSjJoM9fzNaDdSIA74C_kA6_pPqcfqAieRqUj-uPLDa-q2JjScTf8OU_X4jTtuT-SjgOT-dEoXcZGKrWaok1gLz0aRVZJId6KGAlM_tL0aGkS0vkDumQBKADxhJ58iyKhX8SZHxE67EFRTC6xyk2XsxdEFU2_e-ClUrrN1D_AXMfws8X0WuYs8zkdS7si8mnXSvMj5oZ6XQoswFxZPqL7myTegMMURygn8rFFjey3fIX21JDJwmrfT45KoGecq9YEi4iqNM950gDdfRrdeit1qJOkfXx1pdy9IqmSYTHE_jSAQiXL_0w1nBtpJ1YHrv4T8c8_5Vcxm2YSkk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame CA75 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?jmikpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Mon, 30 Jan 2023 14:45:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012501&jk=1865094716149427&bg=!09Cl0JTNAAZSrDxfcqw7ACkAdvg8Wp2YHUDJ2e2rAhvpkx_4NaD36ZSVgoYQuNPa_GB_i0BTux315gIAAABvUgAAAANoAQeZAp_r1gi3Dvu0HOllwOBcs_pmIN-eVPzyrB0aEBLPACFuOFFh-cqP6HnW1_kk_C_cX648hlSbype4r2gNzDy4xFIweCQzDSS7tE-16BNWvn9YtJO6xMIpbgZOuPym3W5RuIno70lwFrGOdJU7-K8510b72O-hioKp98sVfkGt4HZi8Tr9EZHF6q_sY_m_KKLCma-pJUlpwvorpAc5O1AMOuv-7Un5CFNQE17w7JC2NP9B5VQx8GiRo34kfWtD6yK8EYGvt9OQBu7lFvV3snXRBg2d81pNURiI4WUXSfH5TZWnwYm5f7BPBRvhH-v0n8t8jlhHo5W7HXcdLmPEiq6JjPKxMve6Ni1-nUVNFXifUXwDf0SoKQSuz4oyrEsxx3DhM_8gEpGkZbeusiMdsyFKeLiihbQgfFWHMHIOymfQzM61Ehxsv4AsfqbER9eypcv1C48ybTsmpHgPS_aughNSLJyiVrqI1vk0cfrgWMPTF3gda_VvKm85aRXM2VotP7dj8kJOIZHp9YRYkp_J98CVFCQIX5E4BVrI6ihiQPQPlcZbv3QdJCOFt3De1D3YgcP_pahYqoc1czicUWdRACh1dzcXEQrUr6_gvRMRLGRcHDJJb8UMkMAcqQ_iVbQBOCqLFLJsEbKgUILEDfmYNuE-hdx1UP4eHMxxYfGmRoa5ACUfFpV9Thr70dS6YkazQGsWh_gOwQOJ0NGaWQe2bJWZnBPz6SVdDRgHMcO_FURc3Jm3z-QjfJ5ZJIW6mRN_DOrYHvqj0sVNQ_19mGyPgNjks9XJpX7gCYn85Y-4bbkGy3CuV1KjUET11e1JNJbIG5o34vPCfkhaToe5YR6YapK5NOcsrVPMieOcNYKC23f-WUBI3UUgsxwr0rs3cN7fgEM9VQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers
Tuitype-Bold.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 08:04:36 GMT
x-content-type-options
nosniff
age
110476
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33164
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 08:04:36 GMT
Tuitype-Regular.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 2882 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 11:21:36 GMT
x-content-type-options
nosniff
age
271456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32792
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 11:21:36 GMT
Tuitype-Bold.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sun, 29 Jan 2023 08:04:36 GMT
x-content-type-options
nosniff
age
110476
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33164
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 29 Jan 2024 08:04:36 GMT
Tuitype-Regular.woff
s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/ Frame 905D 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/Tuitype-Regular.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1984696164968038400/320x50-Live_Happy/fonts.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 11:21:36 GMT
x-content-type-options
nosniff
age
271456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32792
x-xss-protection
0
last-modified
Tue, 10 May 2022 13:01:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 27 Jan 2024 11:21:36 GMT
all
csm.eu.criteo.net/ Frame CC30 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=c7AJQESZAMkklcl4shtWGfJDMJb_GaRPTOCQ3WBEOR_zoOexbhDtYYFHZi7rqhcMJSW1yFIgYl5-U3hnobQmnN3Ofjwxwmsp20knO59va31YWwu6uZVbYL-AT8oVFbRfLfruQuqi636mdJ_e65uzUhetVb7na2CoMxbcNS0g9I1UdP2BgGSfNVbqvM87Pb88gf1uK6adM3s5e4QvMjE3WX0AVyHG_P-hR1_EQxDbM6oz-KyfJmigCTlfqMhtUyGOF-lBZw&sds=2&rev=84429&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGQALBfYH_ZOVAAmE5stb45VFnAK6vJBgYg&u=%7CY1d6DzpxH%2BtsIBs2wvdk1a%2B6efW2o%2FG%2FXiSw3HGkqE8%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD0z6RaFAlAQ6ciC3rnAoG72_3BFDfZ8qj0n6FwJ08Cvv_7xsebT9t6V2UCTvtKkp6nR39ZfkcRWRUvLh_x0Gfc-INbVg415BfdPN210kMCHH50AlE2aXUadNP3O1JMw3e9oWOqoKWlMlHBwk60Ks0CztvEuwYSiLbsJRUjkK67b74l2rtERK0q9zLMH_sL_zpWzRyLJRDP4wBdySW93Ztw8N2D7Q8NgdtwMMNlJR7ucQS-domXRkRPLSLKOqe-xuvNe_kA1M70ekr_tl7jVZX6n45dxNejM51uWbJ36GibJdSsSZ15Zs9bDesnSZZhH9CQ4qcRXpVPUHfWBYuZW-_F544kGGcrx05FsVxGXuUFN4ogn_fIdFxxY642xh3lJIkyq2G5Do-I-N0pbmh-ToVbU0vJvyj1reu6ZbbyNHjTrcPta51glEmn9u9ACWr9bttrcNaqHT0j9jYrJA1dqZjMqU6fxQx8O1i5VUac7lRv-B4RsoU3tA_hAzBU4y5hENIvSzGRKSjDJbm1qOmToTzG9_T5dDKh1_EFBc6bkOoFPUNlrEYzLcjjkO9FIXv_1iJssfcMmtGyqbu4Ky9TGtIbrtQrFnE3HDvA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsbcWGdjXY_aLLJWn9u8P5ommoATJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS8Ak_QDtEA44Bfp6LdGjk472_1ZwzH2DmH4i13qkmnuunybMwBARiVpAgpbdvjWHmaZBfmT-p3IjHfXbmTNrKVGWQPxRcL4oc8tUcc6aGL9qXHymlkrIsvl3fgI0KJNVQA0wGKoReAMbW0M_jxl-iOuFENp7e9FMU7cAihoTN-7wsx_mZhqooz9f9X1vbcRfP4fV2ZoVkELcC73VPnBq62aP5ycdsBd3VjQXedgFVjssHt-g5pR2EtyOgYb_JTLlCQ5_nDZiiKLS1TelWexGuweuAxgc7ph9C-ceRCPC00SxOQQU9hnY4Hpy9NEE5E4GEqhpmJB3tISyAzEUsTQzW_kXsmkRYSD7pXBDaXF6F50pJQfnRB8Xkmk20MMzN3jdHVRsS_nBhoAEy4KhfMgsEn7aq4Kr9JAK3e3irnY_HgBAGABunsmfDW19_KEKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgEDyCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3DH9WChifwp93kcFeA5-MzXzTZbg%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:52 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
all
csm.eu.criteo.net/ Frame 1403 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=J7HIhESZAMkklcl47dXk02kTtzzelTD-8a7_DUiYJua3iV4EPAa0tMxyA73eD1xaH5o2jECSz7-hYIXgwpqDPzg1SKOwakV07q10vwZrGhEV557xOc6hzKM42_7C9eC6ATWNHEBfg4BjqPP5Eq-W5nq-qdsHVZbG1CI8W8Ld5NS1g2MXqaYo4hqj_0fWABZyE7Z-wyMa1nN3f3JuJnI--HaM1Mbcj-4O9J---AXzPrraDOyMpyCqE8j2gLFa3PZx680quQ&sds=2&rev=84429&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y9fYGgAIAoYH_Z8MAAijQ05QjSd1nOaxPlVRpg&u=%7CpdXf514nqoUcs8pbSLf7xJPV4stOrj70qVDzKGzpDco%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phuT-t_V5j3Ac3vqEFPSvYSLXaphThhXzpGCJLg39CSLXRx6QKDHB9HZCg73QRqYsoX8YMemmPnXETjLwsYcsmMdmdf6SSQiVBecCD1Nz8NkBqhaGfORWC_407XEr9d1HSZoVxQZ44QVz2-B_PYycFE-wjrFdL7Pc7rDWZHVEXcnne-fiVGBE504BfXyYdGYZcYaTjZBfuPIvxIiHEqPNCRltUj6Xc3p0KsO2OK4Du2BMzUYULtLMBayXakkHs1QuZ5jcMCHZORrH44uDPCJ1ywa_O34o5xUVfWGrpBZ_rimkF8oYX73tcTfd9QIZJwTxNyretv9PEMLYem8Py5Qn1lLzBFkAjvWY6B5vI2ycHiW9EhtuypIkEQzc57h8Drg46VwQ9rNOCL9L1e1J1mupvPoh9mMP2kNV2TLstti9HVbB3lKYoEkCV_nXVMYiGt5Z-jcNSlfYJkMnqQ0aeEp8D_kf3B1L04JJNBq6M7XXDMaV5ykmLaNHZ_v7u5kkfBL_krWRIVwT9hZz9ECPd5heFgi84o6BnYV-YDDxYcE16LRA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKMM9GtjXY4aFIIy-9u8Pw8aimAnJntKxXNWdkfdwwI23ARABIABglYKAgKwHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAght91njR7I-4AIAqAMBqgS5Ak_Qhw-zFSwpRIyRK26wUT0JmGLHqCQk4CfB0abS02Zdpz8Jrn1y0lafODHF8IDJmmfHPMpPVoDEi9hygirBzjnVmbnZzorxJEmNR1PqnOyPK8hs_eqAbXFbYGDjvJxZozscrPqqDsDLD8eV9S0-l6rSGsCeV9Nic3kL9H0j4xV1QrJ8WRMV7MR2hch3iCQSIJKua0-t9RqnGBj_AbLs6Rbl0kJ5ZUfj0Hfq5lTrSNPo6pl4WYYN4crnb93kOLxiCupwUSW5FPpsoptQH6H33EEo0X_dfuoAa8jXcD2if1Bh9KZaH792qTcM_5xeZ9-2isZwY6gwdJlpbnFEmKDjpX8ChXnVTB0o9YqQAnMFkAIXyPahSlbJjHf2kglY8M40Spumx_HmyeOY0Yqj6LwRTOW8k1B0jXUR2dvgBAGABtm0pKTcnuHVxQGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgHAQATIC6wI6AoBA8ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3Dai4bKDV5aMK_notxB2VQpzjqgA%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 30 Jan 2023 14:45:53 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Domain
sync-tm.everesttech.net
URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMNdLXKGX9jvIEQxYBNPF10&google_cver=1&google_push=Aa02lx846RWiXMm-dLvKl7tPtAoFsjr8oRuV47GOeNyuFTv_uw_t5px-u6-LhJW_3hgF3vXayP1hzDgRMcQ3GDNE4LkeYe1-xn1fug

Verdicts & Comments Add Verdict or Comment

143 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| oncontentvisibilityautostatechange function| addScriptPromise object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| WallaTargeting object| _sf_async_config object| _cb_shared string| loadDataState object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| __LOADABLE_LOADED_CHUNKS__ object| _cbm object| regeneratorRuntime string| __strip_step__ boolean| WallaA11 function| postscribe object| google_tag_manager_external object| google_tag_manager object| apd_options string| GoogleAnalyticsObject function| ga number| _zaVerSnippet object| _zaq function| __za_api object| _0x2717 function| _0x4b41 object| _vadHb object| vadprebid object| vadprebidChunk object| ADAGIO object| _mgIntExchangeNews object| IdealmediaInfC1297439 boolean| mg_loaded_798910_1297439 boolean| fifabAlready function| fi_fab object| gaplugins object| gaGlobal object| gaData number| _zaVerWidget undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| onClickExcludes function| mgReject1297439 function| mgLoadAds1297439_05772 function| IdealmediaCReject1297439 function| IdealmediaLoadGoods1297439_05772 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint798910 string| _mgCanonicalUri object| _mgPageView798910 string| _mgPvid object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _mgRequests boolean| i.js.loaded boolean| i-noref.js.loaded object| PWT object| pbjs object| fiUtils object| $backfillRefreshObserver object| $FIslowSelectors object| $stickyPlacements object| $InContentAutoSelector object| $multiDocked number| distanceBetweenInstances number| bottomStopSelectorHeight number| initialOffsetTop number| minimalScrollingDistance function| owpbjsChunk object| owpbjs boolean| _mgPubmaticExists object| Criteo object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| a object| sas object| apntag object| _ADAGIO object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| GoogleGcLKhOms object| google_image_requests

71 Cookies

Domain/Path Name / Value
.zahav.ru/ Name: _cb
Value: 8gHU-DimVUTDq1A78
.zahav.ru/ Name: _chartbeat2
Value: .1675089944191.1675089944191.1.Du9l4woRDzBCVH5t1C0caQv2snWQ.1
.zahav.ru/ Name: _cb_svref
Value: null
www.zahav.ru/ Name: strip_step
Value: 2
.zahav.ru/ Name: _ga
Value: GA1.2.1296710250.1675089945
.zahav.ru/ Name: _gid
Value: GA1.2.239735314.1675089945
.zahav.ru/ Name: _gat_UA-4780630-1
Value: 1
www.zahav.ru/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1297439%22%3A%7B%22page%22%3A1%2C%22time%22%3A1675089944890%7D%7D
cdn.firstimpression.io/ Name: OAID
Value: GDPR
www.zahav.ru/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LDIXAXV3-U-JD3D
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qpj0OseuP/5yuQFbWGgM44fR/rFJVNr6iL7tHcNJKd/kQ/ZyvSarIAsMciPccGbruSmkQ1ofeoe8bdNxOSLVybTHTiltakQY8o=
.zahav.ru/ Name: vad-loc-code
Value: de
.adnxs.com/ Name: icu
Value: ChgIgKNkEAoYASABKAEwmbDfngY4AUABSAEQmbDfngYYAA..
.adnxs.com/ Name: uuid2
Value: 527108006124877884
.doubleclick.net/ Name: IDE
Value: AHWqTUlBOsiYYbTUW1Ds470n2VOgbmO_fgqi2hSgAb1jP0aI86QkppcBa5Vju6HDKB0
.zahav.ru/ Name: __gads
Value: ID=08615cfad064c080:T=1675089945:S=ALNI_MYNHxB9eHZVBxUfaiDBGAzvywnV3A
.zahav.ru/ Name: __gpi
Value: UID=00000bacf427177d:T=1675089945:RT=1675089945:S=ALNI_MayyUWYF9nxSVYzft6uscqGHX2_Jg
.casalemedia.com/ Name: CMID
Value: Y9fYG5mHyrRfcWkg8lNCDgAA
.casalemedia.com/ Name: CMPS
Value: 3254
.casalemedia.com/ Name: CMPRO
Value: 3254
.bidswitch.net/ Name: tuuid
Value: 6280adbd-f364-45e6-a779-3d025a2d2f3b
.bidswitch.net/ Name: c
Value: 1675089947
.bidswitch.net/ Name: tuuid_lu
Value: 1675089947
.quantserve.com/ Name: d
Value: ECYBCQGWKIEA
.quantserve.com/ Name: mc
Value: 63d7d81b-c1751-446a2-8f6a7
.ctnsnet.com/ Name: gid_CAESEDgiq7Ykvqz0hGHRgHeLLkU
Value: 1
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22F5504937-5DC3-4F37-9860-28FD16D0D327%22%7D
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.turn.com/ Name: uid
Value: 8145699399280716549
.360yield.com/ Name: tuuid_lu
Value: 1675089947
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-334c9d14-522e-465d-bcb1-937c671fc7b0-003%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EE4B9B49-1C4F-4381-8A49-315E424228B3
.360yield.com/ Name: tuuid
Value: 38e9d187-6efa-426a-834d-f16dbb80efa3
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 9080671464567530059
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-334c9d14-522e-465d-bcb1-937c671fc7b0-003%22%7D
m.exactag.com/ Name: exactag_new_gk
Value: da78fde834774816bd1691c2f0d56bfc%7c31.03.2023+14%3a45%3a47
m.exactag.com/ Name: exactag_new_uk
Value: a3b8c8c9c67c45268b62c031859eabd7%7c
m.exactag.com/ Name: session_session
Value: 60c0d29ae34e4b0a975860e1
ads.avct.cloud/ Name: uuid
Value: a9bec712-4ae9-4888-9cad-95fa19b954c8
.simpli.fi/ Name: suid
Value: 051F2CFCF7EB4D0183562ED60AF623C2
.ctnsnet.com/ Name: cid
Value: db9330e730ba45bc9a2cc0bdcc2e9848
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22F5504937-5DC3-4F37-9860-28FD16D0D327%22%7D
.3lift.com/ Name: tluid
Value: 3929193130876701819864
.yahoo.com/ Name: A3
Value: d=AQABBBzY12MCEGfvUvit7TQ1UWkXa5JBZ9QFEgEBAQEp2WPhYwAAAAAA_eMAAA&S=AQAAApNAnEgipIIyb1tKzcLM08o
.lijit.com/ Name: ljt_reader
Value: GEsVqGZHJY088AojQkOcurJt
.blismedia.com/ Name: b
Value: 63D7D81C4D565C085C3D804ABLIS
.adfarm1.adition.com/ Name: UserID1
Value: 7194456544552548497
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~29pq
.mathtag.com/ Name: uuid
Value: aa8d63d7-d81c-4000-9cd2-b029ba4ecd90
.mathtag.com/ Name: mt_mop
Value: 4:1675089948
.tribalfusion.com/ Name: ANON_ID
Value: aknsIHtlix88qyTAZbGquMk6ZcUkHlImEfs0wtIObG0VsLBKvodhVqMIceQZaS7keyB1KGhDfNVYOjNneMUYjZcJI4AB
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y9fYHAADUSqfhgAh
.zahav.ru/ Name: cto_bidid
Value: pf7VTF84U3g3ZVJpVFdTJTJGZ08wVjRlQUs0d01oaURPVmo4WEV5SCUyQnJEekIzbzNOVTR3cU91ZWxvSkVQdVpIVERoTEl1aXZYZ3JhTFFxclRxdVhnMEswdm9sZWclM0QlM0Q
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&57adee8e-d5ee-47ab-8739-d5d213cf3ca5"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzUwODk5NDk7MjswMjHkWpfMEN4lq9mP1Lf1Dl8aFI8vVqOLhkPB4gYJkrcZkQ==
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2806:u=1:x=1:i=1675089949:t=1675176349:v=2:sig=AQHUKeWHIsjJFPn3W2WkNQeCZUHFCqTR"
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.company-target.com/ Name: tuuid
Value: f9add9ae-2ec5-4b19-88d6-2796e9646169
.company-target.com/ Name: tuuid_lu
Value: 1675089950
.creativecdn.com/ Name: u
Value: OhahF6rPb4SeAIS3Up6b
.creativecdn.com/ Name: ts
Value: 1675089950
.adnxs.com/ Name: anj
Value: dTM7k!M40<EVNsVF']wIg2GVTd:rXJ!]tbl8i_iqf!oN/@E'zz<*Z0Qu]IX20smP#[/T<QtOaeduVsZW/#M7?+y+%cTD._*Pl[i'pRL>iih.1^`pOew3]j5Z=]7^b$'k6>e`Ues#u[+8[N5e<[GCxa.Ma3+1Qw2yLr9w@
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI3ODcyMDM4OGFiODM4ODA2NDEzZGFkMDAzOWUxNDhlMiIsImV4cGlyZXMiOiIyMDIzLTA0LTMwVDE0OjQ1OjUwWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTAxLTMwVDE0OjQ1OjUwWiJ9
.ads.stickyadstv.com/ Name: UID
Value: 493534cdcae3e7de53d840b82d9f5cfa
.amazon-adsystem.com/ Name: ad-id
Value: A2rW39HJ9UJ8pscPxhM6w8I
.smilewanted.com/ Name: sw_user_params_infos
Value: KmNz3c7utQOAm7ZLUU%2FUNYWiZ%2FXpduFo1kUG79WauXTS3jaEHwP1k%2FGilmQPvGF5OFQZfrt%2FvFsYTJMUXkW9A3c0IOjpdybhH4SdMKBDXfQKl0Ex%2BZK6a6tQLBpsukVFUMrDaMvzcNN5TwKxZ8iuzGlwnhk5uDornb2lT7TxwXgUCAK9g%2BEsCco%2BduseF0hyYZaNcwixMrqpj5FGGSAKKMni%2FXYmDQGXLYhToUkABXJZDH2QiO1f4LgQbDzBIe%2BkC9TeQzD0BBtYhqUJYd7TQeQAS4yiqHBQ65oJtwv4FEqO450kI5gtCQD1Xa55w915pAYP81uPkQkXrV9W26qOeA%3D%3D
.criteo.com/ Name: uid
Value: 01a5d3ea-f251-4032-8bad-162d3996b2d3
.zahav.ru/ Name: cto_bundle
Value: caMtm182JTJGWHBBVGZBemNlTVhsbHVXNWYlMkJHYWxjZHd6ZTR4alc2THRlWWZZdTdScU44T0ZJZTVaY05zcUlKRkxPJTJGcXp0NGF4V1BJakM4U3ZWT3I5a3NpVmU3a3k4WlpwZiUyQnp6RTZiVE9jY1hXeEZXJTJGbXFtYlkwUnBiaTBsQ1I5TFM5RkRNeldOZUJkYzlIQjdOMkhZd2FKRzJRJTNEJTNE

27 Console Messages

Source Level URL
Text
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012501.js?cb=31071971, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://static.smilewanted.com/js/decode_consent/decode_consent.js
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972(Line 9)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-rbPOY/y/ksPjs/TIrw4BI9/bWuRxFoqEsFcmSSo9G2w='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972(Line 9)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-N1vBqICO3CogtDLyI+BumBsC/rnTT1WCYKpTdJXzUz8='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012601.js?cb=31071972(Line 9)
Message:
Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-e5Jl/ImVoybQgAKt0KN7ZdeFzesNP1d/2htaPBgOKgU='), or a nonce ('nonce-...') is required to enable inline execution.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3c0e92af7ae75fe76d172ac6eaebd758.safeframe.googlesyndication.com
76399829e5c8637d5010d9708034b368.safeframe.googlesyndication.com
a.tribalfusion.com
a74e63c6efbe6f16f103d9d7d15d0b0a.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
autocounter.idealmedia.io
b1h-euc1.zemanta.com
b9cfac70ecebae10e788b5681c03b760.safeframe.googlesyndication.com
bidder.criteo.com
c.files.bbci.co.uk
c.idealmedia.io
c1.adform.net
cat.nl.eu.criteo.com
cdn.ampproject.org
cdn.connectad.io
cdn.firstimpression.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.valuad.cloud
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
creativecdn.com
csm.eu.criteo.net
csync.smilewanted.com
d221oziut8gs4d.cloudfront.net
d2xerlamkztbb1.cloudfront.net
date.zahav.ru
dclk-match.dotomi.com
doska.zahav.ru
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fe57972bc97691b997752e012384b7bd.safeframe.googlesyndication.com
ffc13fe933f5196d3afbf06344ee7d5c.safeframe.googlesyndication.com
firstimpression-d.openx.net
fonts.googleapis.com
fonts.gstatic.com
freecurrencyrates.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb-dot-valuad.appspot.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
image6.pubmatic.com
images.outbrainimg.com
images.wcdn.co.il
js-sec.indexww.com
jsc.idealmedia.io
m.exactag.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mignews.com
mug.criteo.com
mv.outbrain.com
nep.detaly.co.il
odb.outbrain.com
onetag-sys.com
outbid.firstimpression.io
pagead2.googlesyndication.com
ping.chartbeat.net
pix.eu.criteo.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
pogoda.co.il
pr-bh.ybp.yahoo.com
prebid.smilewanted.com
px.ads.linkedin.com
r.turn.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s-img.idealmedia.io
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.idealmedia.io
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.doubleclick.net
static.smilewanted.com
stats.g.doubleclick.net
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
tag.1rx.io
tag.escalated.io
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tracking1.firstimpression.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.9tv.co.il
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.zahav.ru
x.bidswitch.net
prebid.smilewanted.com
sync-tm.everesttech.net
tpc.googlesyndication.com
100.26.19.24
104.18.33.19
104.18.36.94
104.22.68.131
13.224.103.22
13.224.189.103
13.224.189.40
13.224.194.34
13.225.78.111
13.225.78.118
13.225.78.62
13.248.245.213
13.32.110.7
142.250.180.226
151.101.194.49
172.217.18.2
172.217.19.102
178.250.2.146
178.250.2.148
185.184.8.90
185.29.132.241
185.64.189.112
185.64.190.78
185.80.39.216
185.86.139.106
193.150.127.23
199.232.18.132
2.16.238.20
2.18.36.181
2.18.84.208
2.18.85.96
2001:4860:4802:34::178
2001:678:cb4:bbbb::11
205.185.216.42
213.19.147.43
213.19.147.45
213.227.153.223
23.47.106.229
23.62.221.169
2600:1f18:1aca:4280:b3d2:8f7c:421d:1ca9
2600:9000:214f:0:8:48e:53c0:93a1
2600:9000:2304:5c00:18:1fcd:351:7bc1
2602:803:c003:200::31
2606:4700:10::6816:37ce
2606:4700:10::6816:e96
2606:4700:20::681a:6a4
2606:4700:20::681a:ad1
2606:4700:20::681a:d9c
2606:4700:20::ac43:4bf1
2606:4700:3034::ac43:b6f4
2606:4700::6810:c749
2606:4700::6810:dd4a
2606:4700::6812:19ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:21::14
2a00:1450:4001:801::2002
2a00:1450:4001:803::2008
2a00:1450:4001:806::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:829::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:400c:c0c::9c
2a00:1450:400d:804::2014
2a00:1450:400d:805::2006
2a00:1450:400d:806::2003
2a00:1450:400d:807::2006
2a00:1450:400d:80a::2002
2a00:1450:400d:80c::200a
2a00:1450:400d:80d::2002
2a02:2638:1::13
2a02:2638:1::1a
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::21
2a02:2638::3
2a02:2638::c
2a02:26f0:3500:593::f33
2a02:fa8:8806:12::1370
2a04:4e42:200::485
2a04:4e42:400::714
2a05:d018:d29:3605:d10d:341f:58cf:383f
2a09:7c44::22c9
3.126.56.137
3.33.220.150
3.67.59.246
3.69.128.123
34.239.109.150
34.251.153.76
34.96.105.8
34.96.71.22
35.186.193.173
35.186.253.211
35.190.0.66
35.204.74.118
35.244.159.8
37.157.2.234
37.252.171.21
37.252.171.85
51.75.86.98
52.206.83.201
52.213.117.117
52.46.143.56
52.51.7.182
54.78.253.158
65.9.84.231
67.220.226.232
69.173.144.138
69.173.144.165
70.42.32.127
72.251.241.204
72.251.249.13
8.2.108.194
85.114.159.118
85.14.248.71
91.226.245.88
001acbb15d9c69510c0817e6dde361bff098406fad182ab3c367f86ff3da8343
015a88f91a3b4485fe6e25000a128d17e5685ab906567a2f916f615043582c93
019b9c2efa78a4e16ee425e8a4026596165b5b8bffb8c05902a32aafb3ca3bed
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0308afce7524c4873c802bc02670e79285b1511a511b39881f9a4b4ad5282bce
03aeb73ebfd0385df968e824e81656ea88edfc875ad410793e6139461fa40262
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
05479038542845ad179d0ec3b647781a0711275ce243c6c9f7220429f6d8a8c4
0603c6ca80ecb7b77ba7110ff017476dd882545e075946f844a18384ffc83785
0685005fa255d1100a5eef08f8e129f40f0565af7560d6f78d17e9640873000c
06d5536790e8d7944356feaf9ae77fa4796addcfeade125e8ec10bb4b7491a5d
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
08ccfd969a7bfc6fc5ba95d30b81005d6ff9c960f75f010f00c6b602dae95039
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b2b2925306f16b7a1e252d9cab0723bfba39ff84b077bb4795762df898271a4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204
0d0974a6bd224080f91a59d02c850a51c48ce6603b5098ad08ebb3aa54d32692
0f37ad305645ca8e3e7844c03751cb10c6184ad8d15a32ff8b36020037a7a7fc
10752425fbadfe60a419b93d6d305457eabcac3e77eff48b553db5d2ed07c4f7
116929ada3d58f1c2c9058d5f371da36818df5fd7e20cc3ea69130442c7cbc95
11ad992bb4911306422bdd369818ea5d9bd38790c77dd1220dbee33c79565778
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146a64826cd7fdd7a02546901a50c199c7cd8bf2c3a87be4a051a269ab43da69
1477db3b687f95253ed12d51fe248a1db9f97f5565feb9eac9e7ea475dcdb3af
148181625a43116572bbe0c90b49dc6bff53b41408a6211f56c4fc5e546beb53
14893cb69c4382715eaf4b5e4732bf7921596d9972dfc3f106b15bc21d2f1ac9
1500d5a98b14bbdd40f36b77baeee36e3a87bf05a9dac913e132069f06d542bb
1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe
15b2471849f00bfa4a4db3c90bcd238e6060b945677ab82d2f581e21d238f3a9
16a8dd508ca8311d05a8a78442eede27aafe0db4cdb759775a8b36624d51d4c5
16ec50bac671d303d46d078347192e3defdfebd1488991288f6182f4b6fe1488
1883deffe88aa926871d758c6db53bb165b24bbee16c89165884ce1cfdf770b5
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687
1a8ae2d94b5b43c4e82cccc842cf9aaf4ab76b9acc9affd8a1d1024eb7a6fb23
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1c3bbd73bc14adbc3116d6cc5e8cad748a09b59b8f9ed63b1a0b23752481ac0e
1d27f89e2708b673850caa81118e9245c6afdd422358378e09ffecce4c26dece
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1d93f6c62f338ed833987bb72c1c77fa7515552472a9b9f16b121bc1e4dbc200
1dab71b378f734f0261f1839fadf904241930143dc6d6b804ca1bf380fd1a218
1dc85b6ce2f9d4238d8e6dcfe6a9c64eb7ca34aa84da83f530b8b1e9accc4083
1f5fd667eebc8a4309e90831c59436b81a0a2c4acda9f91c76b87d1c706cbb53
235c69e161bf3f373466079227fe2e7d73d7c9756a0993cfee427f6ba46d63e7
236e80aed19c1817c47e0ae685b639d38ff9dd06e0c4238098e045ffcfcb66cf
2524a32757aa44703be8a8a78e64f32794da290f29b9dea6ef24c7f368d085e8
253dadb9be21a50c39c7b4478a0b219bdd8e1b1d0613c8a054063d2695a9d9e5
25d810c8362ddc40819717eae08193e2f828a72b4092a26fa386d8d4fccfa66b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26abbdba84dca7a5e4cfbcc8b3e82b19abc4c68262c7c97c4fdd892e35770073
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2836a92ed5effcbaf0543c232ba75c2f7f3de25e33d182461fc9192b709eadf9
28b06d2958620fe14c87ade3a529cf56f1bdc6713ba012f70f9cb4274eaab368
2a1eec148f3e7a4e2abb7567eac85f10e22bc746177e21e7dd2f18a39e231d9d
2afbc5e6d400b5c4c98d68ded2ca58d662b9308ca46392d6e13e861db2073a97
2b30b8af0e51c334fb2999b1dd5a29381a1cd6c98af6b056cc3052fe3af5bdac
2da83c245bae0df1dc1fecb7722914590da24e7eb646499ad48950f8ce4cfefd
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e55afb39855c447bf0795158c649933bd6bd19a472951e873f11c11c44e94a2
2e6135c072c19defe78d09fbb75fe4b63ffecf2b8210e7ab186d3bdeacc940e9
2f420d5b6a967dcd39bb20d47407995e9201eda77741d52f5f18fe9ba6516159
3095c4658de26e258543188c91bf856e2469171df712956f56a68dfc8d8f48ec
31457fbef7aaf6c5677325feb62f067b6ee265b13085ac1d2e605825276ffcd8
315a6bd7949f170f0dd2a582e446883c441be83db484996676c4b6a83e5f5e68
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3262b600c151f33edc406fac71a8673f1f5b35bdbea22aa88309f55a5219420e
331acca9f6cc4fdd17014dae97d536a7106067c1d0adc9093181e802e9c2d139
34a81da6fd8dc8a3e218e500ad75692301d03b944738003b6087a06bc27fc938
3507fbb24135ec817de2ac6e5fd75d700aa8095981f5287c21a2d55b2160e3a5
3577296ff24d5c22f8d95992151392e2a41256892a093eb05bed15614e49cc11
373680bb06414e0199fba5eb7e116f43357f600447756bf79b782081f4d0ef84
387909e1bd44fb55a23ec3a07e75b801fbd9e4e8e8132cecaa2e074f18dc7efa
39236128fe5c0e392d70d5f7408240e5cbde2a6458e70e025b5c50781aee8270
39ea6260997f7c990c90b16191a8c6f6acf9c805f59b53bf18ad494ff7fb1c5c
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cff88e2e98502c824c2a9c1a279c9defc77955579420dfcef03605e7668398e
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e50a175497d44d3bfb764d99541821c913fef8630d0f7a6f78fb31efb64f96d
3f9909775d48d612aae837f0153817e8addbfa082f901254471bced4d8c72691
3fd055f9b0f7d6baaec7f56e269c8dcd347f6680bbd4194c57ee590a46fdb95e
3fdbbb01874491ed4f2e9ee1f946a6276778f90afb72cbda6e2afaf71d279992
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
4093ceb3865daa1a962c13395fa4c1190e141354a23e9cdbfbf68a4e5bd1b278
41ce5a50db6ab9503b35a5c94e05c906523a5c9d70eb9dbe6fe46fc3cef403f9
4212ad6c13757fe8fd652f24cdd44743a7e960fc77b15d5f051b75cdd6fd127d
430d49536fc7a50b6f64c596f88a723f8641638e5ff45f588fcf943bff7b6caf
446b0bb9d49ccd632ebe9da2f9400d4a930063ebbdf257efdfd776060093b442
447966c3619f06d06c5c9d70ed808c04b4650f5090066b2e798a5f5accd8d561
46600025eb21fa52b84be1f006aeea4d75e9fcf97be91c5ea8b0a2b3c67a91a2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
4782f83dc6e60cadbba490062676bca4049c00df13c032a1f1e79bd2a6f73c16
47c51f0b16c28981677f008176c5ab754750a428bec79a14bf4cc095fca7cce0
481ccb802aabe8d69eb7da4a7a9763f89b2e55f33f63a033aa90b772ea4bfae0
486aba993e2ef444f041fd00b4a92a7793fbbcf1ef0c77fd4db43525ab82bb9d
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
49a94741313fb2122f7be0995a39d44778fa644a3a7abb1db0b281c7bf8e335c
49b4da558c3ca84b5118392939c26d9ce5df6f3629e6e29cf63a1d06bf50aca8
4aaf032c9174722aee7ef436331041bddbc1f550632060b00bfba2ae407651ee
4b206714458eb67bd42542b592a2693bdf7e0f3e2d8f86bfc0271132cdf63519
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
4dee00c9b171facf3e8508984a8d324f6fcfd5d7b9458b8733ae046d524567dc
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eda6bd1ddd10315c64f1184fa2c9bc7a909356c7857dbe1439a5557ce34bb63
4f4db957340b18ded839648a36bf4271d7edf963930b53aac7351b0a936a1408
4faceeee99bbe3032660caca806efda13ae2b6b99ead443d8b0a11ed19b1a0b6
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9
50bfb8f22ed911a509bbd506390c9c6b57360913c7b58288e4105138b6f96ffa
5109dc682f0ced2c23a2b3bd0a77a4726911d53350ef393a759a23209a3eb6d2
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
51170a4b170834d9061b8c85adb281b534d13763f76cc4f329e3e39a63277447
512d6e9833ddbdc3571f3ca863a605075cf389d305cfc63f215de755c1cc1854
515fcf87781aef040a6758d637d17d941caf08ea469656259b5fc3745b832d41
520f191e28d82a3d011d351dbcf9b4fbc0594c805ce77a8bde3167ba0e506426
5266d3c7c073798021ba297b3644a1da5012b9d18fad71372191977279e74339
5397fb67e1dee10994debb1ea89ee478cabfa07db98fd5582f4d6f6a8beef506
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
550a53929eca38a6e4967aa9e78e6fcaa6db8d3516c1f79b764a340e9902e4eb
554a88e98a96fc401b9c867ebcb2d66b847e8b5820795cdda0bb4475d7836f6f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5618a1cdf82aad97f1c6240687b1707be691d2453d74a7a0234d62bf4bccd877
5634160b5779452c237d49e24be812637f98f9d7f64b1f4115e3ad786cacf48c
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5774ac45664e7c0fa928458d558b1bdc66958c052268ad17d623cae9ad4f5e55
57fd6c43200b7365f2919217ec479ddd935dcd9f43cb8615e57582ac70adf492
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b4d0549fbd9ed35f77441ca5611f3982ce773adb38e163ec6469d99575086d0
5b8df9ca9d91dbde345c3da756f87adf40404e4cdbf74d436f09b37231a08274
5c8845f25df6691fb9110a4f2a0eae6ad48b00de5a2aaa49b181e2eca6b35f20
5d5e2dee576c2bdaa579ac52418cf08775594360d88718cd68e38d353d226183
5d9738dde7487e1ec2fb51a694d37de9c4b96e0ce071c786c2954d80d86153bd
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
60531e79a8bcd2aea26e031d6c09a2da7ca3c074bea5d4585a5009d52e17f81c
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61535930a32aa50421b6ae00b53f8c0508945b3d1edf09a2c3ddc0768e318249
6186cfea35c31d72e10d231fd3c43c0f30f91f1248488723fb58399e8d5847e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624f0494fca1a39f49b63bc119f7f76161c6cb1af4d6f8a34fd8ba627c195868
6251f4cdeea85f4e17568e044ef880406464e036a27eefc6968548d1fa6dec0e
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
63414ba72dd1117e24ae0425d6396f77179f04fc67244d977fd6b73eb1fa520f
6369d32085728856813df2a0debbfed9a2338698cbba75737849c9805a9570f3
6374d481e64e6af3e7e2627dbef154766409dc3e71284443dd10b401df999228
65003d888e2b77ad662dff1e4ea4fdbd851538fbd5957e2a28c3c02638254f2b
65e3567eeb1648dcbc9ebeb57739af4cbe6b29c9af50419c3cca44b726f9084e
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668967d6654e543508409f29ffe950f41a09b124edd50cbe50b375dd497fa2a9
673cfa216f5ba0d28634c396c15255f3efc2c3c4e728f7fcb41b56407541cb9d
67e782916b4c7061c71e771135dd75e3422484b1a8d195fc0c3786b0778958b7
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
68b34a28617137221b76b93546359bf577aea1d6b3aadbd65b40e8bbdae7dd0f
68c05d4bbba854242586c2bbb978a8894caea24ec19025668700bdf02676ac53
6a643d5f5dc66c01bd0503068c3d1ec5ef2ff01a318e2268470745d1e0b8b098
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b4bdf055f77c2d7baa0a194ff4b43bdb570fb9adcc06956c7bcbfc44ae70abe
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
6b64296cb2f2552a593f17ed08ab02fafbdef8779a3439370e4d4b456ada2588
6b8c3ad787d595d4940358b19c549f27e2e7ee3e019533d939e337df098921a6
6c02b4d4daf27fa92211062a42b8d7dd83e3990d80aee07fdfe7b4f6ea093688
6f368aa8ed1ff20a7f45f67285eb393b6b164a71826955217eaac1aa54c31980
6f6d4ab5d63294b0d78c78d2a21099f6127e2ad2b54a81934422eb5dbd262d63
70549240fea1a10a4c0ec5804693af68a23eeaaff15c9cd1883c0138c81847e3
710bea197e3c2984c702b72b91f1d37363d121ade3316ea9d8cadcc3ca4a684e
717fd7b2ffed856269e7a8c97cb355e144652f3fe46ce26bbddc44aa5a5a9e2a
71a6d415828cc228b6b7796a33f34df3bd00a4bc9f86da8d08480eefc79f808e
71aa8464d599e368610cb86981ab30d4607eda5fb00bf25e4b4bbab00de9583c
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
72f5c28a9dd9759817eca2838f7181aa1298dff4c323768182a7c6a3b81e4bec
73c12c92bdd8ea974a45dfc34ed9b0e830c9ad357e49e5bb542043efb3cd7a93
742f972bdb883ceffc538615da3dfb2c08d3902686b79f495e255b05d9200fe7
74a96bd51a611af61006e99313be644fefbae9c222bbdcd22624e0f35eaf1d88
757c6dc6f0497810e93559029b21701920c7d217ebdd2a276fa308bc53fa7765
7581ffbb071b2fd9d4e8f2d0f827b2ac625eebc8ef4ec011ed40fb42fb1ac83d
759a3bc931c92a8f76146408a36ee180634e46d3b75a5fc1db15506be10c1689
75b72d740c7a68f565ebd0c160a68f98f6d32e22d63d922ceda741ac21f04d07
7602af46dbc686701acde17199c5d8cf8db88f51eaf8c5abb397a8c0c4bf4fee
77270d6e6d4c6e447646867f404f92cbc76537c234cbfbb3c62e90ffbcf1111a
779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7a98b64008da9d9f9b2939d54dc7f8a9df69ad11b4a4286067f7f5dac201a014
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7cebc3ab0a883e1cffb03eb85709331910ab0c1c2cc147697fcfa3f737aa9327
7ec1f972b9ef2ae55c71ae58ce6f237b6147e0a02b0bf15e3a2ff7d3493348d5
8009a3bdd13e4e550cb8d91c511b46501b91cb8f4457cfea8774f15df76ed27a
808c54effac2ddbaf08253dbee351267c8536141bf316fdfbcf875c7dd3768be
809fa0a31a087de8d1276e61e10854d5403382947f2149247d8f291c64856cef
810c2f4d788fbb9c2d4ce33f11faaf1a3f893f613129d60e804701519bc5895d
815a43a7007a92ee447a73a66cbc3930a5422a602adabed4490985cffbe69ac2
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
842e5e70a2db1e50f594c2cbdd96cd61b2df3434f663d26b53fa1d168212781d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851948ae6cf918c32a36102d7fc1f0bb6e3a8b416e1692e581b648c09c961ee5
85d8b565ec1b8140a0f3dd1801e149bc09ee8fd650539cb35ae5aeb86faa29c8
8614c1b461abad124090296029baa4cc22f144562766b0ef2d0cb5e14d29d4c6
8a7d2e2139bbb99146d1a5a6cb9198195bc0f4d849fb8bf6ee92dd0412373a89
8bbab11e31317bf825ef772b5c78330f695c9a6cf061e94d2a639ae5b2e5790a
8c395ccc5d2aca2935efc0437d36ef20dd13110dde5887db58bffc99ee330abe
8c64f55a5448751409418c195c34fdb8cab1dfa25b41eacf7e08f1dbab8c7555
8c973fc683837b2b8c9392b6c4115c52f98b8c8c74242b0a2cafa677c60fa1f4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d727537eea622a4a1dfed50354434f00887a5292731d84b097219a3fd0b6d4a
8e190a4d5edc1e768529b868e650ceea914c8329d7083c5af4c6b27045b10a72
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fc54afa6386ead68e77c0d4cad4413872676b51d4cd1f4a9f54988322ef9992
909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
912e6379f70f24452c47c9308754448d3e0c2e8c5222d3f71df43cf3a69dd8f5
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
934d582c845d55243447cf870ad0e2a39892a7d692fedd758e31f6e1acdf960d
93b3c4a595bd63cb41b20bfa3feed5a0515c0b1ad5b943d12c50e37dcea64696
93d3ad417f90dc2679f721a0105974469055e6110c6da0a316a52ae9b8e4731e
943bffe44175fda268b40ed3fecfcf77df13d166786504fa59f30567319d9a1e
948dfd7372d70c12a80472d86b4033d93adbb52d02d4585d519416c4f4b4be62
95044a79f9caa269e38e4f71eb0e3163c92a27dd9d75585dd969693c0e137815
95db6265c2c336d53707a24c7f8ccfcc921965c848f18bfc64988ddf4fdf8b75
967cddb9245e13a557ee7093462f123736bb07553fd8e985c7edf4297729ac1b
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96ee4af1a80bfca826121f15f56b50d47f94f5c3bfe78a430f6535e98e7d39be
96f15469b5ec631a13ef9e466f339217925a922928db15883e779d7546664fdf
97a2cdab1baf6f1998a9205f38777631a7fae0e5bcc2afee40112549c6a1e637
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bc1987f47b5008bc2ca258e9e9d3e58ad0e7e8fa7f90b4490619c8d06429c6b
9c7877e1d384c0b999c561aa3346a5a367d4363be46abd66cb0ce90c01ac3a03
9c96e53d0c54ccf0ff0f7c4484c1187a869ee8554f730233e792ee5b13f5c7e6
9ca835533fc4836f0ceefea006b64fdf2ff220e4af8c7f35f9feb0578ef1a963
9d15886eceaf71a6b4a691e5366e677d6bdbb3a9dca94c1ae518666160506aee
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
9e201a537dc59085df1aefdd0845148045056cc32d41f2ce4feeb2f309b85af0
9e3c3c9dc24c88ba3faedd92493c57fffd88212868425c2d92895d7ee0fb1392
9e7878bbb1a0d8199e68adf0a7ffdf82a162b0a24207a696b0c5a8c3f64acc4f
9fe53095d8381a3ffa7042a8cf71204970cb81a0898c50345f821f5dc289ac3a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04234a27aa4ef2202362cf1487be3930cecb13e7b029ec342ae94bc0fdfed03
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1b95607d3ea9371fb72c392e8ae3d77dd3a4a315cedacd47cbaa0d2b44a53b1
a1dc7e9d974a4c6a447337c0bd883625160b92cfd8311a955a9684f7514d0d2d
a24f46d72c8eb6bd9b95f0d16ff7dd988fd9440c15f7f0c152645530edbcc52a
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3165e28bebaad123ec25ea95a94d83ba0e27ef4ab977e542781ea82c6b264c1
a31ff7101ba5dd23109bc0e823f9048bab1673733ff40ba0b95470e04d7ba7b7
a325393d998f06cd61565d05e1fa93ef4e9444131e4ddf05be4b3893b3f793a5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a620d0cc0e199b13300d4e785ec1a202189fcca6d647dff49611c5513cf419ad
a62ebf7d18ed2972a10bf34a67dae30568e60b0139642ce3876cd6ef1492580d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7a069c6337f9a790bdf963db3fcd635c3b1733d6c6b0930bf8a912057147b5a
a9cb428def2a2029a7e3f16a1a537ba3106032a92eeb28b0198326c80b2e4630
aa1067fd888278fa338ef0c15a83e87a30f33e4105db96aa9caecb49826e9b09
ab17d9888da7fe191380187f35a1d5181e1fd2bed84f4f53de53f21ca094e20d
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad19787d6918da31389c40e7a0f575d175511aef25ec1d6aa7339e091e0d00f5
ad2ae14f9e3a0b0f5a8ce19fef6938a770fd218074ed858feaf48cb2986c4372
ad5bce81855b7b84b352b67b24a7ed2172d81418b253ada28f7b992851086f3c
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
adb8d414163a26f8b38a7e40195c2c6d3df2681c41ee628c1dfec9552cd87a9a
adfb4cad9ff9a338742a03254c75f3bb152534d4209c0eacf2175f4a3091d667
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af0113554bc3983c2c432995ed8a4b40cfa2331aa3eb77ac2a89e5cdcfae6773
af8b66d1d780c6e94b5f71917064214c2f59fd4fe5e5be8a660f97128438735b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b09ca74ae6b15bdd16dd533dadd3ffbe24c7b24a9ca595fee2a631a46a333e38
b09f7259d863b5ca48eb4801cc697cc00daf1b283b66ece8a4d958fd05babd3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1
b2bd7aec67a18a4df67f129a596f09782103ec1941bd49bc223ca153a1754de3
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae
b41d60face1b293297c046e0486070665b3b27a0225510b272064c31c278e628
b506520a9a42179a54e4f0c7a3857a37634ea5827ceb362ab79e89969067138b
b8a25da5e29dff3161cc813b321ca4375e5ae6d494be64b757c0d3f56d03655c
b9919cbad15cf23965ada00055e208b5a56f58ae24a2cebde59d94a862dc0132
b9b89c796da75de112b90b085ebafaefb7849c10c076e7626720afec2f96a59b
b9fff3f99dc21e4051a54b10c589611a6b4c56b78079c275cc9279d996950468
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bac5662f4ad8d16fb814c4342ef93a7e8063b08bb95401348037f7aad0c64235
bb7a31f16a1a9bda77fe3d3f1201ac7e238101cd1022b68e93580fa39394fbcb
bb7d1b5185fe782e03c839c36cd6fcf8562aecf1b4f8b8203ad9d392beeee0a0
bc54379b6288f5970da471f0f64ca15f8c9e3a3819a0950608a45b7479d5a11f
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
bcb5c5298e2439eacc8bbbd3a20f56b1cb005614bb4af475a9510124c33aa3ad
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65
bf14f29e311e38bd5333f8cdbe27cca9dc5bc698cfd746b708e50a7450f95d88
bf46b9a4f4b3060d7f7764a646baf89be53db81ac9e84963479dbdde490725e0
bf750829742aa8cd9387879d3ccb2c9b21af853141c2b44f40faf5430301016e
bfb9adc31fc1a6f6d63961d40028ae570693ccba8a9345eb4c9f3c57a0288cb6
c0991eeea3d3acc9936962e6b63bdd1086957405866048eb56368169e4fb101b
c13b983fea35df1a66cd851c5095ec23a7734b630f1aa927e174bd792bb0e12a
c1bae4e89b801a134fddbab245b509772697bbba5bdcc7b339ade2ae48d5760d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c446d2875d9b3774eed93d6ec751fb5b0e5776418b6297b1e085db160f833177
c476691ae3c0668e41ad1b3fddb8280efc392b875a22789694ed9ba52533ec78
c4ac6eada3c5bc8a1b4aee17ae98da2a55190efe2271d5d57c74d6eee23b3945
c50644f107f7f9b074cb32c5ac45fa799d564df4954ce8a91641cf56cdec5b6a
c60e3aa73627a9fa0a352e64d12c004924052cc0fbe4b45ee08fd831447fef07
c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41
c7f7b6ccfbf79cae50825d1c5bb299e19e6dcf08322824815ac50a223949b7e8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb10d76aa53883f6ea71af1d4c7777ad3660843c53939e8c59a7cb1bc350bb0a
cd65d87aadfcaecbae93f6bc1268b9ce00d65fc6cf1e0c84a4d115a27d4bc3ec
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cde1e812a0335654f8b799dc109ef9c0254c72de4e35f40c20a2bdded0be19c4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d13874f942f81c9379dee41da38647c629fac89c3af8e7336ce8621c3a88423e
d4889ece5a73d54217985f05b6efb913c3677a2efce573e56f41a8d331ad93e5
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
d7ca9eb78a6cdf21fd7619300b48056a6ae7e4729b35c3450281c0b74a046fef
d80ced94f570c7b95e8d06dcad585ae9a7576602c7a35c9c59582f37f1c9251d
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9831493a77bdfb3bb5534ffa1a0cf9771e089a187598b55d60da03bfcff059e
d9e575f269cf78bfd89ea84a3e54b7b0faf445f055ee49364851e2eec58fa11b
da0b6d838568578267adb1ed368f7832905c45d4431e6cb28601db4161e280f2
da45946a8ab3fbe6e11cf2f7c211511855b751dff3c0a73f3768af44a4501e77
da4a76da2f7b8699744313947182d57adebfbea051b931c01df1f73e41d5ff33
daa2101a8136cc4ea1e6ebf6f6064808dd5018045a821b7061ca6e7462aa68db
db67b567b8dffaf33669c47a96a42d1a19cb7f99037fad1f3bad96780eb7efba
db96082ab0c3ebb2a2ad65bf2ef851ae196a45930bfb1bf1f6a62e66fa6cb15e
dccbb81212d20c261243940e8051e3dcac56545da1dd89a590eb206a8ec42df6
dd6cd8ff5c4eef0aa32d6417b205ab52786f996a08452f020e5ef21dbaff7f11
df3478787b7f6d1bcf4e218d1b7d897e80d2234393e689f24758d91ff7c93957
e064bae416609c3a889384a353c1fccad530f6a9169a2dd3702aa54813d88443
e08db94c0edaeda58d9ec49280ba5cc53fb5419946848d6e773b0e4ad84c6ef3
e0bfcf41c566f571ea252620518b4bee4496dba2b1df9a1aa3e436f81592e1b0
e18c7f470c660da0fbb80b92916bd2f6d3b5c5c761d5dfa9008ab8fa3db1abc1
e1ab838c676369c7321008e3e8137bd18a8d9a339f699f5231e0818320f0798b
e21c69355d1e2ee2509ba7cb8958a5a43833cb1531a285265082ba370206d50b
e2a22b966a9515d2608d689594f6b4d7e56bfc122e49d2e919381a0eb1dc5f99
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d7b5e2860d070b9cbad6ae9998843a9c172c4870eed3a6ae217cff33571faa
e4167e61c11cea7fd5ccca2c28703558cd6ba227974d23e02286b6d09d9479fa
e46fa7ee227000e5803c3317aecd58d5f4fa151e367a94f24e9e814b9dad6330
e5015b52ef8a203d48701c59421d20063d7b1afa91cc6f67a72089cbefb3428f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59f576fb077be32309f57e24d0371f7af27a3f82e91aee4a727f573ee9ccdb3
e6a3c16e5968a12e55b80eba6ab3b31ff033153e48883830cab45bc54faa3d36
e6d98898f27fb52368eb2820eba5b3b36f8698a886b99b2e547d5c0a626868d0
e76dcbac23f25f1d12dfda4127431cddbb1054b5436f67c48e713a7e0000ae87
e8297d8a88ce77efd81965995721f4be663fd6810b74d14ca32a621e742bb7e7
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e895882e79690b5910522fc6d1355f697f4f3c30d2b5c92784a94512707ca1b8
e8acb14506260c4c012ca16081656a17cbf162224ddf70d31e48e6cefb7fb6cc
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e980978372ef893e791fa10ac60561adda47a13b2fa5a10557e491808259633f
e9817ff441c7044f2d126a3e12b02f624bd2fff669e3f6092d9c92324313df13
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec272e8159f7bcdcc7338c8711ef107b364a921829e21c7dcd4584f3366bdbb3
ec3f68c2b1e10acdfc6f1016a92486c277d3bd573f1b9a80c89d1d2b226f348c
ec66e5c012e4e56f1242b31faf24bf855acf336c821526ce64d7150d7a2355a6
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
eddbba8861fca894b4f1173cad21d8411f9b93aa7aecf541ad883d09684b34f2
ee41c1f451d739ef9af98450c339fa1809cc6bc0493fba60e5db1f7ca25d579a
ef0905ba3d96be8249f9f94a39645e6f7376384fd3bac721c9e9fe22b954b9d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05b6f9877fc4a3f9b4587aba72a9c63c60ce1e26398993498187816366de818
f482d4a31c7d062ab15f0a3d0a7289d4eb1699ddb2ed8e5054c08db12757bb2f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5b433c67070f4a50e7733fb83525ae178880c4f0ba990524871e48a2aec3b5a
f619025fb256e348bb9addf8f86cd071cc9f7f078dc8909513e9990c2eae2123
f78b2b01b468c40416cad9530465f011f4e160bc9f5e43e271103bc997fda024
f880ef6584845869e5d81b2960b8eb81ec470b88ea8859dd75a2ef80f56fe8dd
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f89756e4d7e60af4f081d9ea1194de02563b4a6b122f69cd489b2da3a47b6b6d
f8a649bc2a5ee786f2ea392281248d859e08a6fd8066e4bccff8f205bb9196ed
fa962698add9de75106dc5ced0bb9ec5099cd40f69acc2972648cee49296271b
fb31f9629730ffe91684e265cbc76b4de6bceb9df35599c181e62b5e1b7697d6
fb5857c3180220bb1180d35b01729d4fc0055050b78d2270dc09b84b9ad65fbd
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff1f53bee8d59ccd36b10c8c813222a9dc0e5fbfcaee8f81ddaa9d2c19bd778b
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3
ff8d758dc761d10f639c836ee2f40e12c88ecc593216095965db7fe87101c808