urlscan.io logo urlscan.io
SecurityTrails logo

mosesrest.co.il Open in urlscan Pro
18.66.192.97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Effective URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Submission: On February 17 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 96 HTTP transactions. The main IP is 18.66.192.97, located in United States and belongs to AMAZON-02, US. The main domain is mosesrest.co.il.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 2nd 2023. Valid for: a year.
This is the only time mosesrest.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    18.66.192.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-29.muc50.r.cloudfront.net
www.mosesrest.co.il
53    18.66.192.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-97.muc50.r.cloudfront.net
www.mosesrest.co.il
mosesrest.co.il
7    18.173.154.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-112.muc50.r.cloudfront.net
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
2    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    18.66.27.13 (None, )

ASN- ()
widget.equally.ai
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
9227380.fls.doubleclick.net
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
4    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:831::2002 (None, )

ASN- ()
adservice.google.com
Apex Domain
Subdomains		 Transfer
54 mosesrest.co.il
www.mosesrest.co.il
mosesrest.co.il
549 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
9227380.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
7 KB
7 awswaf.com
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
575 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 2400
adservice.google.com
1 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 5654
841 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52
406 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
region1.google-analytics.com — Cisco Umbrella Rank: 2000
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
69 KB
2 gstatic.com
fonts.gstatic.com
25 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
3 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
185 B
1 equally.ai
widget.equally.ai
0 popt.in Failed
cdn.popt.in Failed
96 13
Domain Requested by
51 mosesrest.co.il www.mosesrest.co.il
mosesrest.co.il
7 b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com www.mosesrest.co.il
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
mosesrest.co.il
5 www.google.de mosesrest.co.il
5 www.googletagmanager.com mosesrest.co.il
www.googletagmanager.com
4 www.google.com mosesrest.co.il
3 googleads.g.doubleclick.net www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.mosesrest.co.il 2 redirects
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 connect.facebook.net www.mosesrest.co.il
connect.facebook.net
2 9227380.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com mosesrest.co.il
1 adservice.google.com 9227380.fls.doubleclick.net
1 www.facebook.com mosesrest.co.il
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 widget.equally.ai mosesrest.co.il
0 cdn.popt.in Failed mosesrest.co.il
96 19
Subject Issuer Validity Valid
mosesrest.co.il
Amazon RSA 2048 M02		 2023-05-02 -
2024-05-30		 a year crt.sh
*.f4bdbb0f.eu-central-1.token.awswaf.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
equally.ai
Amazon RSA 2048 M01		 2023-05-06 -
2024-06-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-11-27 -
2024-02-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Frame ID: F571CB09637CC882223BF65D89C88585
Requests: 94 HTTP requests in this frame

Frame: https://9227380.fls.doubleclick.net/activityi;dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F
Frame ID: 12AB02F47584A7ECBDB40E8798323ABF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page not found - מוזס | Moses | אתר הזמנות המשלוחים הרשמי

Page URL History Show full URLs

  1. http://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ HTTP 301
    https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ Page URL
  2. https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ HTTP 301
    https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ Page URL
  3. https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

96
Requests

97 %
HTTPS

71 %
IPv6

13
Domains

19
Subdomains

17
IPs

3
Countries

1655 kB
Transfer

5339 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ HTTP 301
    https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ Page URL
  2. https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ HTTP 301
    https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ Page URL
  3. https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ HTTP 301
  • https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Request Chain 4
  • https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/ HTTP 301
  • https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Request Chain 72
  • https://9227380.fls.doubleclick.net/activityi;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F HTTP 302
  • https://9227380.fls.doubleclick.net/activityi;dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
redirect.php
www.mosesrest.co.il/
Redirect Chain
  • http://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
  • https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1978b9c591c21e47141d7624bc24ce1e4d0fd8a1faed2929e55dda66c86ed79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0
content-length
2404
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 18:10:54 GMT
permissions-policy
geolocation=*
referrer-policy
origin
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-id
njI2GkRPW3XulMpmbwvoi4zgweMNPbuo_8sQnl4TSZOrMyqC5ZhxWQ==
x-amz-cf-pop
MUC50-P1
x-amzn-waf-action
challenge
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Alt-Svc
h3=":443"; ma=86400
Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Sat, 17 Feb 2024 18:10:54 GMT
Location
https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Permissions-Policy
geolocation=*
Referrer-Policy
origin
Server
CloudFront
Vary
Origin
Via
1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront)
X-Amz-Cf-Id
jY21kxt6f_H8e5Ci38HR792V2pwQqvhLEASVisH0nzAq9-GhyM2iBw==
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Redirect from cloudfront
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
challenge.js
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/ 		1 MB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/challenge.js
Requested by
Host: www.mosesrest.co.il
URL: https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-112.muc50.r.cloudfront.net
Software
/
Resource Hash
369dbc68180eeab82614d19634328c8248a811d6c465280478d2006524cafdde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:54 GMT
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Sat, 17 Feb 2024 18:10:54 +0000
x-amz-cf-pop
MUC50-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65d0f6ae-009c34fb298621fe155eb7ca
content-type
text/javascript
cache-control
private, max-age=86400
x-amz-cf-id
UTU_mRi_Nzlle3ZgmAHrBvy6--ckgFQ_7MlwVEIAA8E8V_MvwCcU5Q==
expires
0
verify
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/ 		316 B
734 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/verify
Requested by
Host: b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
URL: https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-112.muc50.r.cloudfront.net
Software
/
Resource Hash
671589909ecd235be3262e3e6a391f93fe9d10cac7c9d3e61a0dd1e5254891cc

Request headers

Referer
https://www.mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:54 GMT
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65d0f6ae-63024331027e1a1c4510769a
cache-control
no-cache, no-store, must-revalidate
content-length
316
x-amz-cf-id
-LWiev_7SQKUmWrU58HcftJBrnagnWtuBG1AwncUq5Iq1BoVwKvRPw==
expires
0
telemetry
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/ 		884 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/telemetry
Requested by
Host: b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
URL: https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-112.muc50.r.cloudfront.net
Software
/
Resource Hash
d20027543b4f170b37c7f1d2f0832fc5c06ebd44d2bf6a11b9b28cc682cf5b0a

Request headers

Referer
https://www.mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:54 GMT
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65d0f6ae-310b04461a1f1d57018fc635
cache-control
no-cache, no-store, must-revalidate
content-length
884
x-amz-cf-id
mJtpJse97F_MgYpP8GE77bQby9eX2mjtIDtAiK59YnlP9azZQgx7bw==
expires
0
redirect.php
mosesrest.co.il/
Redirect Chain
  • https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
  • https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Requested by
Host: www.mosesrest.co.il
URL: https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
471d319c91410b0890e33ce5306d0b28502ec628432133e033c06d6702590de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0
content-length
2404
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 18:10:55 GMT
permissions-policy
geolocation=*
referrer-policy
origin
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-id
-UtFtxgyhbg9f64YOtJhH8SRuhRz7gYVU_IGAqSsxCKB74Mjv408Fg==
x-amz-cf-pop
MUC50-P1
x-amzn-waf-action
challenge
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 18:10:55 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
location
https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
permissions-policy
geolocation=*
referrer-policy
origin
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
via
1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
x-amz-cf-id
trZ1WsvXdaU6DWE4gYfylps34ukp8CernC13ZTASFk3dlv9AXlixSw==
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-redirect-by
WordPress
x-xss-protection
1; mode=block
challenge.js
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/ 		1 MB
284 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/challenge.js
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-112.muc50.r.cloudfront.net
Software
/
Resource Hash
1e7c5e1ab921efce15c8cdec3f6dcd83ff359e1147ff251209614096c7765dc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:55 GMT
content-encoding
gzip
via
1.1 a29f8f45a0707c5c9e054636ff51dce8.cloudfront.net (CloudFront)
last-modified
Sat, 17 Feb 2024 18:10:55 +0000
x-amz-cf-pop
MUC50-P3
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65d0f6af-26200b966284fb3c595b77e0
content-type
text/javascript
cache-control
private, max-age=86400
x-amz-cf-id
KCJis6tpfVyoN8EgbA_zhUmV1L8bOfvZ3p9KvJIG3icvfJJYOJWLuw==
expires
0
verify
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/ 		312 B
731 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/verify
Requested by
Host: b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
URL: https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-112.muc50.r.cloudfront.net
Software
/
Resource Hash
27e0e234a3bac84a376b6710080a7501afbd103db39aa3fecd67cb28c4e5b7a8

Request headers

Referer
https://mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:56 GMT
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65d0f6af-1e5dfa9f2331b752327487b9
cache-control
no-cache, no-store, must-revalidate
content-length
312
x-amz-cf-id
hM8ATwv9eI1HCrxDkUf_P5z7SnxzE4nIcInfKIHs5_qWPIbpFN2LLw==
expires
0
telemetry
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/ 		876 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/telemetry
Requested by
Host: b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
URL: https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-112.muc50.r.cloudfront.net
Software
/
Resource Hash
3f571e9ac7b54f3aac1b4c13b9b0d44531d2693d84ca36665a92510f50ac1026

Request headers

Referer
https://mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:56 GMT
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65d0f6b0-73ede22e58718a8265e53dea
cache-control
no-cache, no-store, must-revalidate
content-length
876
x-amz-cf-id
L4Mtp0qrT6Waw5C2JiDb9uAITHAAj9yWgMGjh0XdFM7V3sY8Rom_9g==
expires
0
Primary Request redirect.php
mosesrest.co.il/ 		122 KB
123 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
79180b0696056f783c6cd832cf86ceb7835e7b1f994ea6dca253169af4dce7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mosesrest.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, must-revalidate, max-age=0
content-type
text/html; charset=UTF-8
date
Sat, 17 Feb 2024 18:10:57 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://mosesrest.co.il/wp-json/>; rel="https://api.w.org/"
permissions-policy
geolocation=*
referrer-policy
origin
server
CloudFront
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-amz-cf-id
24tvd8oCT6DA_aJtSJqmIKMwRwENxijxZzufeLUrcP9kdVGWRGltBw==
x-amz-cf-pop
MUC50-P1
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
telemetry
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/ 		964 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/telemetry
Requested by
Host: b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
URL: https://b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com/b2e09161dfba/ab5e0979d893/a780c158f600/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-112.muc50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-65d0f6b1-7ce2392671a0bb8739e95880
cache-control
no-cache, no-store, must-revalidate
content-length
964
x-amz-cf-id
_jj3FM7jJU1qZERTA8QTwepKILHQPeD-krO-dIn93PMHsSu_BsJI9Q==
expires
0
main.min-rtl.css
mosesrest.co.il/wp-content/themes/astra/assets/css/minified/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/themes/astra/assets/css/minified/main.min-rtl.css?ver=4.3.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
73ab2dd39a22036c816c1b5f858dcbf6e8eb9c4c91542f265088d1beeb9ef5d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8105
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"a256-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
9BvXWKcvBzgbyB7ep3UqQ3uU65BPMRyRwsexN2NgAs3BpBEjmC4evg==
83e19bc0-e8be-474c-b973-745a06579031
https://mosesrest.co.il/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mosesrest.co.il/83e19bc0-e8be-474c-b973-745a06579031
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
css
fonts.googleapis.com/ 		2 KB
928 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Hebrew%3A400%2C&display=fallback&ver=4.3.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf468a889363f5181fee89a30bf3d6b5637d11796eed26a2dcab9bb5c3810801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 18:10:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 18:10:57 GMT
sbi-styles.min.css
mosesrest.co.il/wp-content/plugins/instagram-feed/css/ 		41 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.2.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
bc29e4a5be14bd3d21f7479ac02bfba19ff2a7a0419f1ae37a54362b4df857bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6094
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"a29a-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
k3WixTAnv1M1yKUXDDNkjFghcUJSYI1JFg6TYFmQPgJyGuAPOXls-w==
style-rtl.min.css
mosesrest.co.il/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.3.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13789
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"19770-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
w9bBMaMKXG9QmnQuf-EFIcXo0yc4_GP0LSnBBsRXvdc3KWjjaGVaXw==
all.rtl.min.css
mosesrest.co.il/wp-content/plugins/mishplug/client/css/ 		90 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/mishplug/client/css/all.rtl.min.css?ver=1695295423
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
1d28ce13708f35a1f8de5fcc9039f100e3e45d22b7ea6474ca8e170446cf6d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12115
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"1672b-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
NnnBE_76iV2QNKO_lmK-BQOKxM8ouzpI2TThuPYMJ_pEtGOGHkbqBQ==
a11y-toolbar.css
mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/fonts/css/ 		814 B
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y-toolbar.css?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
c4a15659b80c847cd26a45a5a94e9841b01f4b14f80cb4b173c9f2e4973f5bab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
357
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"32e-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
8fl7BkKE9W54t7-AdrdWX3bEUyjabU-0wtM7WQzYAr1cqP2HtsFQ0Q==
a11y.css
mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/css/a11y.css?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
da01907e24efa9fc8c829e78b8f8f5547a3a6f4b073b6f3a4dfb624a388558d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
981
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"c23-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
wBWTDCrdnol6kKZOfrvzlDtol4ExROTuXLsmIPaLtnf5pkVzOTLw-w==
a11y-fontsize.css
mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/css/ 		740 B
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/css/a11y-fontsize.css?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
b0d850c9769da596686b6f4b2778d9fa0b6ea9308de03853a5e53520e08fa1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
303
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"2e4-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
K6HchG9HutYNpnQe5ovLaZjcaLb73KXD2XnLVuyui_490DT9UoZ53g==
wpa-style.css
mosesrest.co.il/wp-content/plugins/wp-accessibility/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
13031d4ec04980984b56e9152739c608e15fcda23007e524117198f054385eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1347
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"1461-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
8aqP02rG6WjOI768xTQ4Yjfcbe8o9Tr0gCFCOPIUoLUCSCVFgvnI3Q==
elementor-icons.min.css
mosesrest.co.il/wp-content/plugins/elementor/assets/lib/eicons/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.23.0
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
941b1493157dfb7316bcb3c7357a94e9ba173607d80559408620f4ab4c39c88d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4012
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"4c4d-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
UPybDlWftY39drJCJU5IHbskpc-VBwbuJ02BAR7Wk1mJ4D_aCoItWw==
frontend-lite-rtl.min.css
mosesrest.co.il/wp-content/plugins/elementor/assets/css/ 		115 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/css/frontend-lite-rtl.min.css?ver=3.16.4
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
d891d3a0355c8128bf74efe85e0bb86237cd57b1aa39c05accf7ee8d0b8a2455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
13767
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"1ca51-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
khRA0hWfW-MNVAp9LqZSBMSD2kpX9FlUXU7tXb33JHRfUzhSyFP7Qw==
swiper.min.css
mosesrest.co.il/wp-content/plugins/elementor/assets/lib/swiper/v8/css/ 		16 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/lib/swiper/v8/css/swiper.min.css?ver=8.4.5
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4583
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"4057-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
6dWgGJJQiL8k6h_h2QfYIvZaewEMf0fTku9qrt8GHtaAM3OakOXmLw==
post-5.css
mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/ 		1 KB
774 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/post-5.css?ver=1695291175
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
4b21c3673cdd681fd8acae825ce593c0ed216b1f69f23307f76875c1fbc95668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
406
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 10:12:55 GMT
server
CloudFront
etag
"4b1-605dbbc4cb7a8-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
9pIDUCJzOYRa6ldYMt_DxXePnpmFrtsZ9-3KzMGMQL84JLmHfqUaMw==
frontend-lite-rtl.min.css
mosesrest.co.il/wp-content/plugins/elementor-pro/assets/css/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor-pro/assets/css/frontend-lite-rtl.min.css?ver=3.16.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
04155ae6bd75f7b1ba221f191ae670cbc5cf1083fe92b52a459526c24ca6a2b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1634
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"2df3-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
FM6V5xa8Rt-pIylWWDZ5WZcp5a9czZn8qsU6JRmkTwdaSmD0eywj-A==
global.css
mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/ 		39 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/global.css?ver=1695291175
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
58b812f2ee80d7718cd23b6a5c3dd505a19dda8ef81ef1961e5585b47b66344e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2841
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 10:12:55 GMT
server
CloudFront
etag
"9db8-605dbbc5143b8-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
slgc2uwlSaaUhUha2pjtqftGGKJ4TPsmr2ioA9sO_T0MahH7ArWTjA==
post-239.css
mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/ 		23 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/post-239.css?ver=1699797822
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ddddcbfd8da9050351f1fd9f010aaa69e8a567c46d17ca71486e1a77bb23983d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1972
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Wed, 14 Feb 2024 07:53:05 GMT
server
CloudFront
etag
"5a53-61152cd0909c0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
PqTWTF0737FdDdwMSPSlpQbhkkgqzHf0-6073aCylJx2knNQKI-Hfw==
css
fonts.googleapis.com/ 		49 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&subset=hebrew&ver=6.3.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
94f0cb222975e7939a4b4c283376fc06fbcdfcfced990a4cfbb37bf74a29567f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 17 Feb 2024 18:10:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 17 Feb 2024 18:10:57 GMT
fontawesome.min.css
mosesrest.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12582
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"e238-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
ECaleXQyR9W0UC0kz0pAKyH82ivod2-rcJSFEtvyJseg5isZIXpCfw==
solid.min.css
mosesrest.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 		669 B
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
309
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"29d-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
VIMUZq4zQf6j8wcjYjwghV_kYEZBVk27rYL_EDg7FVSnyESCvSufNw==
jquery.min.js
mosesrest.co.il/wp-includes/js/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
30343
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"155ba-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
mtV9RvmDBzyOf0c6Qpa1OIC8nICckOL06s9eFqSqVAb9JK2Cr1jeXA==
jquery-migrate.min.js
mosesrest.co.il/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4872
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"3509-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
kWzW_fkRM6g-kxZ0JkGXprKQXCSWdIYmJznnaVN3IA7WExVSxbyXvg==
js
www.googletagmanager.com/gtag/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-200372403-3
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c75c8e7a6ad7de3104ac116ce7b8f5c0bbff081e0b38acd788249e850485c16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70750
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 18:10:57 GMT
pixel.js
cdn.popt.in/ 		0
0
widget-nav-menu-rtl.min.css
mosesrest.co.il/wp-content/plugins/elementor-pro/assets/css/ 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu-rtl.min.css
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
aae4860aa158785cebb51470d8c40e7fd73a638cc2840c1b39417f22a573726f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3326
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"67e7-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
text/css
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
Ml2dHQHeXKIdcFVCgYy_mBm6pHWefQmTibgNq987jp72ai0L5f9PsQ==
main_logo_white-01-1.png
mosesrest.co.il/wp-content/uploads/sites/626/2023/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/2023/06/main_logo_white-01-1.png
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
cd02b33c70f2032a40f814bac60fe9ff93750b3f9bdeb6fe1b97f1bbcbde6b1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5219
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 11 Jun 2023 14:53:22 GMT
server
CloudFront
etag
"1463-5fddbc3778f38"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
rZeWAPwf0JgDXlweY7mBNK8uXn6vYpAA03gUo5l0Z8ifa73NxUvESA==
new_app-01.png
mosesrest.co.il/wp-content/uploads/sites/626/2023/06/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/2023/06/new_app-01.png
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
dba108c7e8cc93d571108bfc5da968be607a424c6f69ffeaf51755a242ec7243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1583
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 11 Jun 2023 14:53:19 GMT
server
CloudFront
etag
"62f-5fddbc3423ae0"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
cXRnV-Iy2mXPIarJOi_Sr3FIWtEIc4-TxemfRszhRo_eKGDwp5pydQ==
new_app-02.png
mosesrest.co.il/wp-content/uploads/sites/626/2023/06/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/2023/06/new_app-02.png
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
a5b408fdfc25ea3abe63d0fac7aba6aee0b7be1eaa07115645d5e0a68ac57958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1533
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 11 Jun 2023 14:53:19 GMT
server
CloudFront
etag
"5fd-5fddbc34f5658"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
image/png
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
gXRpIdYSNdHI7AblXBshUP2NkYuEAGAFfp9QPqoFZJQ6LSusV0TGWQ==
frontend.min.js
mosesrest.co.il/wp-content/themes/astra/assets/js/minified/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=4.3.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
4949400420298d43ab430c5caf706e848af8fff7db19c0031542b02e71c26b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
4948
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"509e-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
vV8gM2oWxHKf154dVeZHHQwiS0bL6TjBYm7PI4U12FadcqCO9dsjTQ==
custom.js
mosesrest.co.il/wp-content/plugins/mishplug/client/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/mishplug/client/js/custom.js?ver=1695295423
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
52832db22cc9ed780ceb95c03472f9e6f61dac3a80ef7531a662c8bf786444cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1283
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"134c-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
6H900YGAOL8JXy0I2j7MTB2YbPmmVE1BBmvXIo5NRzrAq8uTu8B06g==
sr.min.js
mosesrest.co.il/wp-content/plugins/mishplug/client/js/ 		209 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/mishplug/client/js/sr.min.js?ver=1695295423
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
4a699631f0f3b94f0b204c852e5351d9483dd167da37967ec04a00219c606024
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"34469-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
LUbtdX0MeNLU65BFgqLa-sSRxyxD3pXJv0AfWSiTJjQYmEgZfChDwg==
wpa-toolbar.js
mosesrest.co.il/wp-content/plugins/wp-accessibility/js/ 		2 KB
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/js/wpa-toolbar.js?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
3db59e4fb00b04d1da0ea32f6ff0191aae083a130976f10420db8a40121a912e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
540
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"6a2-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
5ErdFATJQE2k6O1jQtuqHE6X7HeBBeEoaAqzqIsBRVvtG2ZUw3tKjA==
a11y.js
mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/js/a11y.js?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
cb8068c7715e850b7694c9ffbaab85b5fa9625ec627925d840c47f0b7089423f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1000
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"d99-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
qSP-s6TzIwaQfSN8k-utW4LMi8OpjUQhvaYAQBJiffCh4rw0YxbR-g==
wp-accessibility.js
mosesrest.co.il/wp-content/plugins/wp-accessibility/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/js/wp-accessibility.js?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
88a7f2522dd8c93c1f5007fcbcd059cff32a895cdab67e4d0398e94e950fbb65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3076
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"2c20-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
Psb7ERb4B2xpzZr8oGCam8xYA-i7OmZoqLNuIdJBmQ05h0E4M5pHZA==
longdesc.button.js
mosesrest.co.il/wp-content/plugins/wp-accessibility/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=2.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
05c78d6a2624f38e659dfad31d402bbda31897361e2ea1a4ef04bd1e78d41b85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1003
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"cfa-605dcb97a2dc0-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
BsgzCKiBNQHB2H77I2QxeRAdxgdsMjxxfrZ0t0pr-PKClZCZNk9Fdw==
jquery.smartmenus.min.js
mosesrest.co.il/wp-content/plugins/elementor-pro/assets/lib/smartmenus/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7157
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"6272-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
5jsLa8BRSwbuzCQ-R4IW-CoS5l2kyfSKAPioWwhbXG08KaDD5u6HMA==
webpack-pro.runtime.min.js
mosesrest.co.il/wp-content/plugins/elementor-pro/assets/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.16.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
4030d0913b43f85cc5f54944e834ba01e0111b642e9e6c1978cefbda687e7dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2608
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"166c-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
Xsh6Pt2qHbs3rbw8Q9R7dMom-WlPNkaL71i4iosT6LGPBjPgEd8S9g==
webpack.runtime.min.js
mosesrest.co.il/wp-content/plugins/elementor/assets/js/ 		0
0
frontend-modules.min.js
mosesrest.co.il/wp-content/plugins/elementor/assets/js/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.16.4
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
54bf58f6b534a750c255cd1d3f0d394e64c614c7df443ef5308722b20ae0c778
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
16676
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"e5ec-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
fd2LqxPSUutJeFD6I_STdO03eemFEjAO-pXYHzSNsC3K8ayYgu8z0g==
wp-polyfill-inert.min.js
mosesrest.co.il/wp-includes/js/dist/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2484
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"1feb-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
i2HEkYEb8OpCwV8fV3ORRY20gkXlz_kdjmF2IAwQziCql_XJUJGw5w==
regenerator-runtime.min.js
mosesrest.co.il/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2499
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"19cf-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
vLCHFfYRYlkUbVyUe9L3uXwlUr00iUE3NjhEkcI5KnQpORUcSZRRNQ==
wp-polyfill.min.js
mosesrest.co.il/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
5889
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"3f12-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
r_gwyEJ2XQ--mgUyFMTfm-2iv-zlm4gaKesbas6t9R6eQw3YpZ5cag==
hooks.min.js
mosesrest.co.il/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1567
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"1213-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
Qh93WTIeXM6MriTdIFK1W8kZZpYtvM_yev2251h4quqw9rw6H0dFXg==
i18n.min.js
mosesrest.co.il/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
3692
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"24e5-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
xVsM6hEqqwAKVfpNBF70vtrktSzObo3-j5eHVOiJx6EYwId6XniktA==
frontend.min.js
mosesrest.co.il/wp-content/plugins/elementor-pro/assets/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.16.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
0fee2c84f4e4a94f2b2e99a7f73d82203d1c72e7290f9738d897d1418a6a2545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
6618
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"6062-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
MSxSlk3X9U5mkcV91Xk17wZv1pjawcdSbrVnpRvIYT2u8BBCMAQRqQ==
waypoints.min.js
mosesrest.co.il/wp-content/plugins/elementor/assets/lib/waypoints/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2993
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"2fa6-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
-eovslExiNJ8My1RqL6a6Ga65v1CQWasKiqx6rGTlLBtVmOogZAIDA==
core.min.js
mosesrest.co.il/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
7099
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:26:30 GMT
server
CloudFront
etag
"53be-605dcc36e6580-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
1rkYKjkVvLb_8UbUXOQxzeua9dM9IJj5xkAv4TdOa8rvetwr8EvlFg==
frontend.min.js
mosesrest.co.il/wp-content/plugins/elementor/assets/js/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.16.4
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
c6fe813db64c5ccae7d4c89067546910910b2316862218ce553a19cf23dae7e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12234
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"9df4-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
veFnpyfhRRPMLtDH2tHt2wqKMCACHQ2efM7TAMw5hw_YfixbUnjDfQ==
elements-handlers.min.js
mosesrest.co.il/wp-content/plugins/elementor-pro/assets/js/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.16.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
499508bc917f97fb2d5355f304d796948866d1a1d72e0977e0bb06d16fd43fc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
8528
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"8a69-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
bhZ1K4we5G8ZPnnCbCNLzyiRJ518ptYb0uiitCwzzNPcPzWIVqlvCA==
jquery.sticky.min.js
mosesrest.co.il/wp-content/plugins/elementor-pro/assets/lib/sticky/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.16.2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
gzip
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1542
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:42 GMT
server
CloudFront
etag
"e89-605dcb96aeb80-gzip"
vary
Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
4QTLzwJzwMGQCAvkUIZRzkahey6VYVbVfnGl7xcPjwwqAzHP1r92yA==
gtm.js
www.googletagmanager.com/ 		280 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WDB5BV9
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b797e49f6546fd79322a5acc8f7d19c74ba7edcfa71c0ce0bd3e9b100e62489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98402
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 18:10:57 GMT
equally-widget.min.js
widget.equally.ai/ 		8 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.equally.ai/equally-widget.min.js
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.27.13 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:59 GMT
content-encoding
gzip
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA56-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 14 Feb 2024 17:28:05 GMT
server
AmazonS3
etag
W/"fb1bb09030ebfb20cd779be405722402"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
0Mml5ghuLmjSAfIqw2TNvSzZBdgVRSZvxv7ubD6tIhiJwr0v4ztxOQ==
BCa2qYENg9Kw1mpLpO0bGM5lfHAAZHhDXE2i-lg.woff2
fonts.gstatic.com/s/ibmplexsanshebrew/v11/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanshebrew/v11/BCa2qYENg9Kw1mpLpO0bGM5lfHAAZHhDXE2i-lg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Hebrew%3A400%2C&display=fallback&ver=4.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2785739b7edb1640ac8f88fd105baf8872c127ef74f8456fcc086ecdfff70523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mosesrest.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:50 GMT
x-content-type-options
nosniff
age
379207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19428
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:02:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:50:50 GMT
mikhmoret-bold-aaa_0.ttf
mosesrest.co.il/wp-content/uploads/sites/626/2023/06/ 		65 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/2023/06/mikhmoret-bold-aaa_0.ttf
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/post-239.css?ver=1699797822
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
684d116fd40ebf4e0581d1a9aac6682d3413ece0c0c58e4da8d3951256cf3235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mosesrest.co.il/
Origin
https://mosesrest.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 11 Jun 2023 14:53:19 GMT
server
CloudFront
etag
W/"10484-5fddbc34dc018"
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
*
permissions-policy
geolocation=*
x-amz-cf-id
iz5DgA6ZIbGpPx_O1L4pCHbi5PQ76BD2K3o--hp02KK6ykSIEm2L6g==
mikhmoret-regular-aaa_0.ttf
mosesrest.co.il/wp-content/uploads/sites/626/2023/06/ 		66 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/uploads/sites/626/2023/06/mikhmoret-regular-aaa_0.ttf
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/wp-content/uploads/sites/626/elementor/css/post-239.css?ver=1699797822
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e2922e8b48c9ff0c0acb9a8d99df3e3fbf7124481ce1e379afb9ba73405dbcb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mosesrest.co.il/
Origin
https://mosesrest.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Sun, 11 Jun 2023 14:53:20 GMT
server
CloudFront
etag
W/"1072c-5fddbc3584768"
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
*
permissions-policy
geolocation=*
x-amz-cf-id
rHLyTEE9x0xRTlLcSMnTAv3sbf19mAv6mlA2FVkHRft5VAcTG3CaYQ==
almoni-dl-aaa-400.ttf
mosesrest.co.il/wp-content/plugins/mishplug/client/fonts/ 		121 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/mishplug/client/fonts/almoni-dl-aaa-400.ttf
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/wp-content/plugins/mishplug/client/css/all.rtl.min.css?ver=1695295423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
ea0de92c31d9871cf30e8566f6b8d4c40aed35d0b7333db657cc80be4df9635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mosesrest.co.il/
Origin
https://mosesrest.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
W/"1e2c0-605dcb97a2dc0"
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
*
permissions-policy
geolocation=*
x-amz-cf-id
kFbizhyCPR0WdbK_Nk1i_RnkLUs6DM2dxfjK2sqeNDlyRA5eFP8I9w==
ficon.ttf
mosesrest.co.il/wp-content/plugins/mishplug/client/libs/ficons/fonts/ 		22 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/mishplug/client/libs/ficons/fonts/ficon.ttf?vxq4s2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/wp-content/plugins/mishplug/client/css/all.rtl.min.css?ver=1695295423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
5f3f71bf918ced392308d4f5f50f975abd3df6a5cc603a99d3320e69cad8b763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mosesrest.co.il/
Origin
https://mosesrest.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
W/"58dc-605dcb97a2dc0"
x-frame-options
SAMEORIGIN
content-type
font/ttf
access-control-allow-origin
*
permissions-policy
geolocation=*
x-amz-cf-id
a925nb6sJdEUnrfgB66w-ro4RpM3mxacxN3QS7s60Ate527Ql_TcfQ==
BCa2qYENg9Kw1mpLpO0bGM5lfHAAZHhDXE2g-lgHrQ.woff2
fonts.gstatic.com/s/ibmplexsanshebrew/v11/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ibmplexsanshebrew/v11/BCa2qYENg9Kw1mpLpO0bGM5lfHAAZHhDXE2g-lgHrQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans+Hebrew%3A400%2C&display=fallback&ver=4.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b68506c60bdd69a9e95edd35543bdc4ac287e8a57581d749800e83a61175784a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mosesrest.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 07:09:43 GMT
x-content-type-options
nosniff
age
385274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5376
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:01:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 07:09:43 GMT
a11y.woff2
mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/fonts/css/ 		752 B
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y.woff2
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/wp-content/plugins/wp-accessibility/toolbar/fonts/css/a11y-toolbar.css?ver=2.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.192.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-97.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
463774833c268778806c2cbd8d297898d4fa0c9f2e55fde71b9a2b6c57c8ec50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mosesrest.co.il/
Origin
https://mosesrest.co.il
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
via
1.1 986e79a1f22b8bf29001818ede5df5c8.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
MUC50-P1
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
752
x-xss-protection
1; mode=block
referrer-policy
origin
last-modified
Thu, 21 Sep 2023 11:23:43 GMT
server
CloudFront
etag
"2f0-605dcb97a2dc0"
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
permissions-policy
geolocation=*
accept-ranges
bytes
x-amz-cf-id
KVAtJkBx0vCDU344LGvlD6Xf2aVyXhGxZN9ckJ0s093WyjuiYTqhrA==
js
www.googletagmanager.com/gtag/ 		230 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2Q2NXG9BZ3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-200372403-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f7b69c49d09c8bf2a359b0cb08efd9c8d4b28d602f0eecd3a92d3f1521848ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83214
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 18:10:57 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-200372403-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 17 Feb 2024 17:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1368
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 17 Feb 2024 19:48:09 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/962031149/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/962031149/?random=1708193457818&cv=11&fst=1708193457818&bg=ffffff&guid=ON&async=1&gtm=45He42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&pscdl=noapi&auid=121047000.1708193458&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDB5BV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cf574f39154c8b68393270cfc6ef21aed366bbdad8d00e5fe71f0396a45675f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/767937945/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767937945/?random=1708193457821&cv=11&fst=1708193457821&bg=ffffff&guid=ON&async=1&gtm=45He42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&pscdl=noapi&auid=121047000.1708193458&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDB5BV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7d345f3ef17cb341b8f0a78f240ea927cfddff8f3851ea4b4a7a29bc38c2f267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1371
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypha...
9227380.fls.doubleclick.net/ Frame 12AB
Redirect Chain
  • https://9227380.fls.doubleclick.net/activityi;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=syp...
  • https://9227380.fls.doubleclick.net/activityi;dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42...
571 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9227380.fls.doubleclick.net/activityi;dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDB5BV9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
af1c2faaf54b983e7bb62beb80ed35215de5db048aca1a6e26c20d20b1cac7b7
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mosesrest.co.il/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
343
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 18:10:57 GMT
expires
Sat, 17 Feb 2024 18:10:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 17 Feb 2024 18:10:57 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9227380.fls.doubleclick.net/activityi;dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		214 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mosesrest.co.il
URL: https://www.mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 17 Feb 2024 18:10:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
X0iQdMlGabLSKwP3naPdElW5NS5Iv5q390QjwTiNjW0QF2oXwsy0hHK99GnbCj9fW5ix3ZvKtxqoNEnrQDpGEA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		137 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-51833918-1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WDB5BV9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7836ee993478057ed49d59da3ae890469847002d9f41b8b9ab6ddf3bb982a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53581
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 18:10:57 GMT
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=476702048&t=pageview&_s=1&dl=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1274993971&gjid=1564140821&cid=2037249182.1708193458&tid=UA-200372403-3&_gid=1258146152.1708193458&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=1100728224
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosesrest.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-2Q2NXG9BZ3&gtm=45je42e0v9114979813za200&_p=1708193457673&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2037249182.1708193458&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1708193457&sct=1&seg=0&dl=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&dr=https%3A%2F%2Fmosesrest.co.il%2F&dt=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&en=page_view&_fv=1&_ss=1&tfd=918
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2Q2NXG9BZ3&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosesrest.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		329 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JTHDKHVWR5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-51833918-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
acfc7a47a61f881040a8627e7817abed3adf29c2074a846b5e8d7df0bc17a592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109000
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 17 Feb 2024 18:10:57 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=476702048&t=pageview&_s=1&dl=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=927035494&gjid=94527994&cid=2037249182.1708193458&tid=UA-51833918-1&_gid=1258146152.1708193458&_r=1&gtm=457e42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&jsscut=1&z=763285122
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosesrest.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
177859696265876
connect.facebook.net/signals/config/ 		53 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/177859696265876?v=2.9.147&r=stable&domain=mosesrest.co.il&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebc38e14192b5642e7dab9eb61a3b8276e16234a5f5393aff6e66df9ceac9d31
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 17 Feb 2024 18:10:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
mauTGfDY3hDDq94X2QJfnGeZRez2K84/Dc+tYlPqudMvoJNW4uc2DxZ5jJSfN1TYsWVtO8xRCl7PfJ9A/zgTHg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/767937945/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/767937945/?random=1708193457821&cv=11&fst=1708192800000&bg=ffffff&guid=ON&async=1&gtm=45He42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9yI0obvVzCGBpX84BlkhnWI0MyGl1Q&random=1083946525&rmt_tld=0&ipr=y
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/767937945/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/767937945/?random=1708193457821&cv=11&fst=1708192800000&bg=ffffff&guid=ON&async=1&gtm=45He42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_9yI0obvVzCGBpX84BlkhnWI0MyGl1Q&random=1083946525&rmt_tld=1&ipr=y
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/962031149/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/962031149/?random=1708193457818&cv=11&fst=1708192800000&bg=ffffff&guid=ON&async=1&gtm=45He42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_mVFfPzrWo70WPGU7zhr2x6aKTXaP5A&random=1225456905&rmt_tld=0&ipr=y
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/962031149/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/962031149/?random=1708193457818&cv=11&fst=1708192800000&bg=ffffff&guid=ON&async=1&gtm=45He42e0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_mVFfPzrWo70WPGU7zhr2x6aKTXaP5A&random=1225456905&rmt_tld=1&ipr=y
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51833918-1&cid=2037249182.1708193458&jid=927035494&gjid=94527994&_gid=1258146152.1708193458&_u=aEDAAUABAAAAACAAI~&z=585128224
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://mosesrest.co.il/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 17 Feb 2024 18:10:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosesrest.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JTHDKHVWR5&gtm=45je42e0v899202765za200&_p=1708193457673&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=2037249182.1708193458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1708193457&sct=1&seg=0&dl=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&dr=https%3A%2F%2Fmosesrest.co.il%2F&dt=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&en=page_view&_fv=1&_ss=1&tfd=1009
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JTHDKHVWR5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosesrest.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JTHDKHVWR5&cid=2037249182.1708193458&gtm=45je42e0v899202765za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JTHDKHVWR5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosesrest.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/767937945/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767937945/?random=1708193457952&cv=11&fst=1708193457952&bg=ffffff&guid=ON&async=1&gtm=45je42e0v899202765za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&hn=www.googleadservices.com&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&pscdl=noapi&auid=121047000.1708193458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JTHDKHVWR5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
59d6e2c1e80f93c106c4ca2c2157cde9294980f25f2f2e25c2df3749ea5bcd41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JTHDKHVWR5&cid=2037249182.1708193458&gtm=45je42e0v899202765za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=1074864169
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51833918-1&cid=2037249182.1708193458&jid=927035494&_u=aEDAAUABAAAAACAAI~&z=1894858159
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51833918-1&cid=2037249182.1708193458&jid=927035494&_u=aEDAAUABAAAAACAAI~&z=1894858159
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=177859696265876&ev=PageView&dl=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&rl=https%3A%2F%2Fmosesrest.co.il%2F&if=false&ts=1708193457979&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.2.1708193457979.1071078186&cdl=API_unavailable&it=1708193457891&coo=false&exp=e1&rqm=GET
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 17 Feb 2024 18:10:58 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=*;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb...
adservice.google.com/ddm/fls/z/ Frame 12AB 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=*;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F
Requested by
Host: 9227380.fls.doubleclick.net
URL: https://9227380.fls.doubleclick.net/activityi;dc_pre=CJTkkML8soQDFc9XHgIdh5cKIQ;src=9227380;type=invmedia;cat=conve0;ord=1;num=1624581859820;npa=0;auiddc=121047000.1708193458;pscdl=noapi;gtm=45He42e0za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9227380.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/767937945/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/767937945/?random=1708193457952&cv=11&fst=1708192800000&bg=ffffff&guid=ON&async=1&gtm=45je42e0v899202765za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_IwE__9JcHAltyQmlLpcg3VDBVnwZYN579bUIs_xaNLapa66b&random=3181308311&rmt_tld=0&ipr=y
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/767937945/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/767937945/?random=1708193457952&cv=11&fst=1708192800000&bg=ffffff&guid=ON&async=1&gtm=45je42e0v899202765za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fmosesrest.co.il%2Fredirect.php%3Furl%3Dhttps%3A%2F%2Fcasino-1win-info.ru%2F&ref=https%3A%2F%2Fmosesrest.co.il%2F&frm=0&tiba=Page%20not%20found%20-%20%D7%9E%D7%95%D7%96%D7%A1%20%7C%20Moses%20%7C%20%D7%90%D7%AA%D7%A8%20%D7%94%D7%96%D7%9E%D7%A0%D7%95%D7%AA%20%D7%94%D7%9E%D7%A9%D7%9C%D7%95%D7%97%D7%99%D7%9D%20%D7%94%D7%A8%D7%A9%D7%9E%D7%99&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_IwE__9JcHAltyQmlLpcg3VDBVnwZYN579bUIs_xaNLapa66b&random=3181308311&rmt_tld=1&ipr=y
Requested by
Host: mosesrest.co.il
URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mosesrest.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 17 Feb 2024 18:10:58 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.popt.in
URL
https://cdn.popt.in/pixel.js?id=ed60bf756abb6
Domain
mosesrest.co.il
URL
https://mosesrest.co.il/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.16.4

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| _wpemojiSettings undefined| $ function| jQuery object| dataLayer function| gtag string| EQUALLY_AI_API_KEY number| intervalId string| sbiajaxurl object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| astraSmoothScroll function| astScrollToTopHandler function| popupTriggerClick function| AstraToggleSubMenu function| AstraToggleSetup function| astraNavMenuToggle object| _wp object| wpatb object| wpa11y object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| postscribe object| google_tag_manager_external object| GooglebQhCsO function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| createCookie function| readCookie function| eraseCookie object| wpa function| wpaElementText object| wparest object| webpackChunkelementor_pro

12 Cookies

Domain/Path Name / Value
.www.mosesrest.co.il/ Name: aws-waf-token
Value: 5392ae17-fd2e-4d97-b74f-24d65105746b:CQoAbwJ/GWsOAAAA:SN5sJh8W0e+mTL08QJxS9JmWsII7t7RlYB26T8iQKgFZ6vCNuNZW4KZfsHT4WGVJN06Xaj7e2hK1A5vp2TYV7fJocGT7P+0tGHbAEdZbI27eeYZR9yCEUUDB/+CVkkpruHZALjOp3gQ2dou3FIvb2lNDtq33w4VImxk1qk3WnE2PE7/9JgdfgaCZVq0cIMFEElseM4fDV2xfzcaFZBW1nd7c0qzisFtOqEkSaEIv6D2jGffQ5xBlSON23hf+yV8h53qA01TXJmhT4MT2IT7uvRlCTfI4fg==
.mosesrest.co.il/ Name: aws-waf-token
Value: 5392ae17-fd2e-4d97-b74f-24d65105746b:CQoAveN+Wl0dAAAA:QxqBN1o5pTAiw2JcGElaWAme1eqZUJZB3PvhLMRKp91TKG0T5bh/nNtAOjx18TLegzv8s8zJxJPH6Fxyz3rwvEmb1esnkYSq8rh5YB3uMISIRrabfOGeUbkOqeHb7vremovDdZFKZ3BwS3QPnMWAyV7WoM33TNiBjaq5F2NySEisSjEOnaBQL/qt1I0z6f27QM7EXv84SONarmFmf2xW9xvRY9qIxOOtfCCH21bqFPolmL2W+jYjbUZSC8Fqq/7EvzQBCPqBVwYUMsBXBTJsnXDC
.mosesrest.co.il/ Name: _gcl_au
Value: 1.1.121047000.1708193458
.mosesrest.co.il/ Name: _gid
Value: GA1.3.1258146152.1708193458
.mosesrest.co.il/ Name: _gat_gtag_UA_200372403_3
Value: 1
.mosesrest.co.il/ Name: _ga_2Q2NXG9BZ3
Value: GS1.1.1708193457.1.0.1708193457.0.0.0
.mosesrest.co.il/ Name: _gat_gtag_UA_51833918_1
Value: 1
.mosesrest.co.il/ Name: _ga
Value: GA1.1.2037249182.1708193458
.mosesrest.co.il/ Name: _ga_JTHDKHVWR5
Value: GS1.1.1708193457.1.0.1708193457.60.0.0
.mosesrest.co.il/ Name: _fbp
Value: fb.2.1708193457979.1071078186
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUke5ZRTuxsf3mhAVOKrEtg5YgefOUzSLLsYoh1goKrgmUN6--1s9DY2tEzD

12 Console Messages

Source Level URL
Text
network error URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/177859696265876?v=2.9.147&r=stable&domain=mosesrest.co.il&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosesrest.co.il/redirect.php?url=https://casino-1win-info.ru/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9227380.fls.doubleclick.net
adservice.google.com
b2e09161dfba.f4bdbb0f.eu-central-1.token.awswaf.com
cdn.popt.in
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mosesrest.co.il
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
widget.equally.ai
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.mosesrest.co.il
cdn.popt.in
mosesrest.co.il
142.250.186.70
18.173.154.112
18.66.192.29
18.66.192.97
18.66.27.13
2001:4860:4802:32::36
2a00:1450:4001:802::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c02::9d
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
04155ae6bd75f7b1ba221f191ae670cbc5cf1083fe92b52a459526c24ca6a2b5
05c78d6a2624f38e659dfad31d402bbda31897361e2ea1a4ef04bd1e78d41b85
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
0fee2c84f4e4a94f2b2e99a7f73d82203d1c72e7290f9738d897d1418a6a2545
13031d4ec04980984b56e9152739c608e15fcda23007e524117198f054385eb6
1d28ce13708f35a1f8de5fcc9039f100e3e45d22b7ea6474ca8e170446cf6d56
1e7c5e1ab921efce15c8cdec3f6dcd83ff359e1147ff251209614096c7765dc1
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
2785739b7edb1640ac8f88fd105baf8872c127ef74f8456fcc086ecdfff70523
27e0e234a3bac84a376b6710080a7501afbd103db39aa3fecd67cb28c4e5b7a8
2cf574f39154c8b68393270cfc6ef21aed366bbdad8d00e5fe71f0396a45675f
34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68
369dbc68180eeab82614d19634328c8248a811d6c465280478d2006524cafdde
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3db59e4fb00b04d1da0ea32f6ff0191aae083a130976f10420db8a40121a912e
3f571e9ac7b54f3aac1b4c13b9b0d44531d2693d84ca36665a92510f50ac1026
4030d0913b43f85cc5f54944e834ba01e0111b642e9e6c1978cefbda687e7dcf
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
463774833c268778806c2cbd8d297898d4fa0c9f2e55fde71b9a2b6c57c8ec50
471d319c91410b0890e33ce5306d0b28502ec628432133e033c06d6702590de9
4949400420298d43ab430c5caf706e848af8fff7db19c0031542b02e71c26b89
499508bc917f97fb2d5355f304d796948866d1a1d72e0977e0bb06d16fd43fc1
4a699631f0f3b94f0b204c852e5351d9483dd167da37967ec04a00219c606024
4b21c3673cdd681fd8acae825ce593c0ed216b1f69f23307f76875c1fbc95668
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4c75c8e7a6ad7de3104ac116ce7b8f5c0bbff081e0b38acd788249e850485c16
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52832db22cc9ed780ceb95c03472f9e6f61dac3a80ef7531a662c8bf786444cd
533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020
54bf58f6b534a750c255cd1d3f0d394e64c614c7df443ef5308722b20ae0c778
58b812f2ee80d7718cd23b6a5c3dd505a19dda8ef81ef1961e5585b47b66344e
59d6e2c1e80f93c106c4ca2c2157cde9294980f25f2f2e25c2df3749ea5bcd41
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f3f71bf918ced392308d4f5f50f975abd3df6a5cc603a99d3320e69cad8b763
5f7b69c49d09c8bf2a359b0cb08efd9c8d4b28d602f0eecd3a92d3f1521848ee
671589909ecd235be3262e3e6a391f93fe9d10cac7c9d3e61a0dd1e5254891cc
684d116fd40ebf4e0581d1a9aac6682d3413ece0c0c58e4da8d3951256cf3235
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6b797e49f6546fd79322a5acc8f7d19c74ba7edcfa71c0ce0bd3e9b100e62489
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73ab2dd39a22036c816c1b5f858dcbf6e8eb9c4c91542f265088d1beeb9ef5d5
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
79180b0696056f783c6cd832cf86ceb7835e7b1f994ea6dca253169af4dce7c4
7d345f3ef17cb341b8f0a78f240ea927cfddff8f3851ea4b4a7a29bc38c2f267
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88a7f2522dd8c93c1f5007fcbcd059cff32a895cdab67e4d0398e94e950fbb65
941b1493157dfb7316bcb3c7357a94e9ba173607d80559408620f4ab4c39c88d
94f0cb222975e7939a4b4c283376fc06fbcdfcfced990a4cfbb37bf74a29567f
a5b408fdfc25ea3abe63d0fac7aba6aee0b7be1eaa07115645d5e0a68ac57958
aae4860aa158785cebb51470d8c40e7fd73a638cc2840c1b39417f22a573726f
acfc7a47a61f881040a8627e7817abed3adf29c2074a846b5e8d7df0bc17a592
af1c2faaf54b983e7bb62beb80ed35215de5db048aca1a6e26c20d20b1cac7b7
b0d850c9769da596686b6f4b2778d9fa0b6ea9308de03853a5e53520e08fa1c5
b1978b9c591c21e47141d7624bc24ce1e4d0fd8a1faed2929e55dda66c86ed79
b68506c60bdd69a9e95edd35543bdc4ac287e8a57581d749800e83a61175784a
bc29e4a5be14bd3d21f7479ac02bfba19ff2a7a0419f1ae37a54362b4df857bd
bf468a889363f5181fee89a30bf3d6b5637d11796eed26a2dcab9bb5c3810801
c0f27ee92a26e2bbb2393e7695351be1c91d890492943f52cf18fcfd899666ed
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c4a15659b80c847cd26a45a5a94e9841b01f4b14f80cb4b173c9f2e4973f5bab
c57e64fcb72bddafa9c38de574441c3e69ac6c961df96b0cad34da83658bd196
c6fe813db64c5ccae7d4c89067546910910b2316862218ce553a19cf23dae7e7
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb8068c7715e850b7694c9ffbaab85b5fa9625ec627925d840c47f0b7089423f
cd02b33c70f2032a40f814bac60fe9ff93750b3f9bdeb6fe1b97f1bbcbde6b1f
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d20027543b4f170b37c7f1d2f0832fc5c06ebd44d2bf6a11b9b28cc682cf5b0a
d891d3a0355c8128bf74efe85e0bb86237cd57b1aa39c05accf7ee8d0b8a2455
da01907e24efa9fc8c829e78b8f8f5547a3a6f4b073b6f3a4dfb624a388558d0
dba108c7e8cc93d571108bfc5da968be607a424c6f69ffeaf51755a242ec7243
ddddcbfd8da9050351f1fd9f010aaa69e8a567c46d17ca71486e1a77bb23983d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2922e8b48c9ff0c0acb9a8d99df3e3fbf7124481ce1e379afb9ba73405dbcb5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7836ee993478057ed49d59da3ae890469847002d9f41b8b9ab6ddf3bb982a3a
ea0de92c31d9871cf30e8566f6b8d4c40aed35d0b7333db657cc80be4df9635c
ebc38e14192b5642e7dab9eb61a3b8276e16234a5f5393aff6e66df9ceac9d31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629