urlscan.io logo urlscan.io
SecurityTrails logo

ht1.presglobal.store Open in urlscan Pro
172.67.72.22  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tickets.ht1.co.il/
Effective URL: https://ht1.presglobal.store/
Submission: On July 24 via automatic, source certstream-suspicious — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 3 countries across 15 domains to perform 69 HTTP transactions. The main IP is 172.67.72.22, located in United States and belongs to CLOUDFLARENET, US. The main domain is ht1.presglobal.store.
TLS certificate: Issued by WE1 on June 26th 2024. Valid for: 3 months.
This is the only time ht1.presglobal.store was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.127.16.226 210329 (CLOUDWEBM...)
30 172.67.72.22 13335 (CLOUDFLAR...)
1 142.250.186.42 15169 (GOOGLE)
2 151.101.129.229 54113 (FASTLY)
1 18.239.18.93 16509 (AMAZON-02)
1 18.239.69.124 16509 (AMAZON-02)
3 142.250.181.227 15169 (GOOGLE)
4 142.250.186.136 15169 (GOOGLE)
3 142.250.184.228 15169 (GOOGLE)
5 156.146.33.140 60068 (CDN77 _)
3 216.239.38.178 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
1 142.250.186.163 15169 (GOOGLE)
2 35.163.236.72 16509 (AMAZON-02)
1 3 216.239.38.181 15169 (GOOGLE)
3 74.125.206.157 15169 (GOOGLE)
3 142.250.186.35 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
2 157.240.253.35 32934 (FACEBOOK)
69 18
1    185.127.16.226 (Canary Wharf, United Kingdom)

ASN210329 (CLOUDWEBMANAGE-UK-1, US)
PTR: ptr3.igivetip.com
tickets.ht1.co.il
30    172.67.72.22 (United States)

ASN13335 (CLOUDFLARENET, US)
ht1.presglobal.store
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
2    151.101.129.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    18.239.18.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-18-93.ams58.r.cloudfront.net
usrwy.com
1    18.239.69.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-124.ams58.r.cloudfront.net
cdn-gce.vdocipher.com
3    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
fonts.gstatic.com
4    142.250.186.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f8.1e100.net
www.googletagmanager.com
3    142.250.184.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f4.1e100.net
www.google.com
5    156.146.33.140 (Frankfurt am Main, Germany)

ASN60068 (CDN77 _, GB)
PTR: 663193551.fra.cdn77.com
cdn.userway.org
3    216.239.38.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
1    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.gstatic.com
2    35.163.236.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-163-236-72.us-west-2.compute.amazonaws.com
api.userway.org
3    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net
stats.g.doubleclick.net
3    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
www.google.co.il
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads.g.doubleclick.net
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
30 presglobal.store
ht1.presglobal.store
11 MB
7 userway.org
cdn.userway.org — Cisco Umbrella Rank: 6941
api.userway.org — Cisco Umbrella Rank: 6788
63 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 10
analytics.google.com — Cisco Umbrella Rank: 238
2 KB
4 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
381 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
260 KB
3 google.co.il
www.google.co.il — Cisco Umbrella Rank: 18481
625 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
72 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
449 KB
1 vdocipher.com
cdn-gce.vdocipher.com
67 KB
1 usrwy.com
usrwy.com — Cisco Umbrella Rank: 195959
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 ht1.co.il
tickets.ht1.co.il
313 B
69 15
Domain Requested by
30 ht1.presglobal.store ht1.presglobal.store
5 cdn.userway.org usrwy.com
cdn.userway.org
ht1.presglobal.store
4 www.googletagmanager.com ht1.presglobal.store
www.googletagmanager.com
www.google-analytics.com
3 www.google.co.il ht1.presglobal.store
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 analytics.google.com 1 redirects www.googletagmanager.com
3 www.google-analytics.com www.googletagmanager.com
ht1.presglobal.store
www.google-analytics.com
3 www.google.com ht1.presglobal.store
www.gstatic.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com ht1.presglobal.store
2 api.userway.org cdn.userway.org
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 cdn.jsdelivr.net ht1.presglobal.store
cdn.jsdelivr.net
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.gstatic.com www.google.com
1 cdn-gce.vdocipher.com ht1.presglobal.store
1 usrwy.com ht1.presglobal.store
1 fonts.googleapis.com ht1.presglobal.store
1 tickets.ht1.co.il 1 redirects
69 19

This site contains links to these domains. Also see Links.

Domain
pres.global
Subject Issuer Validity Valid
presglobal.store
WE1		 2024-06-26 -
2024-09-24		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
usrwy.com
Amazon RSA 2048 M03		 2023-11-06 -
2024-12-03		 a year crt.sh
*.vdocipher.com
Amazon RSA 2048 M03		 2023-11-27 -
2024-12-25		 a year crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
1667503734.rsc.cdn77.org
E5		 2024-07-16 -
2024-10-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-02 -
2024-07-31		 3 months crt.sh
api.userway.org
Amazon RSA 2048 M03		 2023-09-02 -
2024-09-30		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.google.co.il
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://ht1.presglobal.store/
Frame ID: D9472719930E2518F7BF0F14C22B5314
Requests: 68 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfR_qAUAAAAACi2MQpvO91I-hBUTMBjZfjJq3_7&co=aHR0cHM6Ly9odDEucHJlc2dsb2JhbC5zdG9yZTo0NDM.&hl=iw&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&badge=bottomleft&cb=srk5bf5tfsnm
Frame ID: B49A921211A24F8F174C80264A08D0C0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

תאטרון חיפה

Page URL History Show full URLs

  1. https://tickets.ht1.co.il/ HTTP 302
    https://ht1.presglobal.store/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.userway\.org/widget.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

69
Requests

99 %
HTTPS

0 %
IPv6

15
Domains

19
Subdomains

18
IPs

3
Countries

12194 kB
Transfer

16997 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tickets.ht1.co.il/ HTTP 302
    https://ht1.presglobal.store/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://analytics.google.com/g/collect?v=2&tid=G-8DCP81EWH8&gtm=45je47h0v872861651z8859471316za200zb859471316&_p=1721833782055&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=550227770.1721833783&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721833782&sct=1&seg=0&dl=https%3A%2F%2Fht1.presglobal.store%2F&dt=%D7%AA%D7%90%D7%98%D7%A8%D7%95%D7%9F%20%D7%97%D7%99%D7%A4%D7%94&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&tfd=3212&_z=fetch HTTP 302
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=550227770.1721833783&dbk=7505284740993735332&dma=0&en=page_view&gtm=45je47h0v872861651z8859471316za200zb859471316&npa=0&tid=G-8DCP81EWH8&dl=https%3A%2F%2Fht1.presglobal.store%3F

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ht1.presglobal.store/
Redirect Chain
  • https://tickets.ht1.co.il/
  • https://ht1.presglobal.store/
347 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3f39dc11fcb459f58e770efc7ca21e167b01c93c2472ad3553ac1a04d9bda294

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
8a84d52abc893aa2-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 24 Jul 2024 15:09:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GGf4Mv4xg12Q8E9LogNB1JH%2BpB5cfrpCtVWP4wDAPgI0nIZOcNCz6oAeMxHOVL6lijxoF5cvp%2BXmGav4hyW8ZJZrsJWUQJnNK8bi9%2FrO%2FCADwniGDzq5mGBRBmvaHSrUi4nrq7aM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
145
Content-Type
text/html
Date
Wed, 24 Jul 2024 15:09:40 GMT
Location
https://ht1.presglobal.store/
Pragma
no-cache
Server
rhino-core-shield
expires
Thu, 01 Jan 1970 00:00:01 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jul 2024 14:04:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jul 2024 15:09:41 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Jul 2024 15:09:41 GMT
x-content-type-options
nosniff
content-encoding
br
age
40990
x-jsd-version
7.4.47
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55843
x-served-by
cache-fra-etou8220025-FRA, cache-mrs1050115-MRS
x-jsd-version-type
version
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
widget.js
usrwy.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://usrwy.com/widget.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-93.ams58.r.cloudfront.net
Software
CDN77-Turbo /
Resource Hash
a0e848d082976c1b0189b35fbc217c65dfd5434a3232e631f015fd950cfc237e

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Jul 2024 14:31:42 GMT
via
1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront), 1.1 41fcd719412f2befdcf66654c7db4572.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10, AMS58-P6
x-accel-date-max
1721461334
x-amz-server-side-encryption
AES256
age
2522
x-77-cache
HIT
x-cache
Hit from cloudfront
x-age
2833
x-accel-date
1721738674
x-77-nzt
EgwB1GY4sQH3EQsAAAwBJRPCLgH3EgAAAA
x-77-age
2833
last-modified
Sat, 20 Jul 2024 07:36:44 GMT
server
CDN77-Turbo
x-77-nzt-ray
1cb09c0ea464d6efc3b09f660b261810
etag
W/"48d9119ca921025126e449795e59cd3e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=3600, public
vary
Accept-Encoding
x-amz-cf-id
9fNTgORDguJEfH8VkfX_YwfO-aLZUglgctnxtRzVrR0CaDu0Ef9wUQ==
userway.js
ht1.presglobal.store/ 		52 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/userway.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8118ea6fb60e579373f955ca63a8cf96a4deb612c2e76e3b170a39e3edcbd75e

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Mon, 08 Aug 2022 09:52:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"34-1827cde59b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nmTqpLGLE6%2BNl6entW6X1C86lAZDf7Z5aOdBScdf2FwAOHTAJsL46bGpolJFWkD%2BdI6kc4yGiedT4Pz1LsNTBy3cDbTWMAdAWCsKCPVTqBlkYpleSZ3rUEZcW5nDc9zyId3Tb6hP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
cf-ray
8a84d52d98b83aa2-FRA
vdo.js
cdn-gce.vdocipher.com/playerAssets/1.6.10/ 		206 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gce.vdocipher.com/playerAssets/1.6.10/vdo.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-124.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
952bed69c5d6160fb43b52ba4292cd7e5a6d41e0fd00bd2c3ce9afc1e8c6eb32

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
content-encoding
gzip
via
1.1 13676fca7076b460ad3ad018e40a51da.cloudfront.net (CloudFront)
last-modified
Mon, 13 Mar 2023 03:55:49 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
etag
W/"ecb368a02a88e8214c24a7a54a15451b"
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-central-1:871266855760:build/player-assets:9cd74076-3f7b-4dd1-98ab-b76a5dbd30bb
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
a26648ab0d2971ae79d51858017c3e7debe3bdab3c0022dcfc7175b58581e56e
cache-control
public, max-age=1800
x-amz-meta-codebuild-content-md5
c1d6781abe695b31b437b8f0e5c9ce62
x-amz-cf-id
8WXjDzbHmvbwUQBnbB-NTlDU1-FX09Ebag4B61vZk8bwB-NUIjfN7Q==
6d40188.js
ht1.presglobal.store/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/6d40188.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caad5321aff4f00727af02b00819b138bd18501e9259ecac8c5a6751cd5c5a77

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29574
etag
W/"4f2-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvreAHAb6RLKJ8S1zcxR7VVD5ntyDNeAB8F5TSU0iFWrWztpql2A4RhUgiFwa7hm%2FbxYq2Zbo8kvvUV9Aplp5NrLkUnNdS04V2MAXphog5Sm9CSjJfFISkRZ2mpYBqJZRVt9hn3J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98bd3aa2-FRA
fcec292.js
ht1.presglobal.store/_nuxt/ 		252 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/fcec292.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e851f2c2279a44675b78aac5c5482cfd87cf7c7b807e1631b68292c723b6423d

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29574
etag
W/"12947-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4BQhXUQTgsomxMwtNW2GV0MZ%2BtTn4V6XRMmQv%2B1%2BUfDb6vMDngOzVngv%2BxY2qfAvYSo0ibUyzZ0eYqkCNgoCu0WfLDcjXvAe%2FjYFDgB4tKtQ1lUMDHioBuvoUrvBD2RMDE0qb5g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98be3aa2-FRA
df51b1d.js
ht1.presglobal.store/_nuxt/ 		2 MB
343 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/df51b1d.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fa2f651f5f34535a6efd363e4943af779a378369324764e5bee7d63088d4a29

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29574
etag
W/"3f6ca-190e10bafd1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLl%2BK%2BDk7FKCbu1qTIqbupBw2Pm74fa1r5n6M56DQRgCG79vQhqadv40EckXyA9ZM2g9nltgxdVJ92oe3OaxmFnuMkUBCjIJNafCpOozUNJhJALthDnjUUGFHsRmbcCPFQmPKlY%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98bf3aa2-FRA
ed9152c.js
ht1.presglobal.store/_nuxt/ 		205 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/ed9152c.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4899e63e9c24b89dc591cfe928839f8b00b26d74deb9840d3e97113ad4beca0a

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29574
etag
W/"9b28-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TyocJTHYUki%2FBXaQTuV8tT2LpEafsd2viEwfJMRy8kDf7b%2Fe4f7vX4%2Btu%2FJyYjnAvsytuq%2BcapDNp9IlZVzNexAKoMXQX1NeoK7uxG52%2BSIesFD7TU49Gy2BT8iLBHWn5AyFtCzr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98c03aa2-FRA
f6e254a.js
ht1.presglobal.store/_nuxt/ 		323 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/f6e254a.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a05e18acdbeb5a728e179cb11390b68ba86336b8538f8cc2b7c6cede45ff74

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6297
etag
W/"d9f6-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lQ6VIyo3qRf7y9WyW4lIwQO1QhZWJny1g1B%2FIlnvZ4DkndbgKrTTVVAY2s992um9ky7h6tZpEC37LAcPvhZdwD7BNg%2BgXndaGacuzBqmQNUjtKzjS3sqmmPFsImeHUDn22dzhbph"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98c23aa2-FRA
6c05032.js
ht1.presglobal.store/_nuxt/ 		46 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/6c05032.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8080e206bda9cd75072a4a2e508a1c7c189b39194687fe248ef7ca78705d86c

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29574
etag
W/"204a-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFWDpRFUQkQ%2BKlrvIE7XEGGagmK9Gb%2BZLRzEfuJzdWvfakRKoLuwy7iba4FdHEgPzdSjrZOf6e2P9nPDueGJsbiJNIjAb3a4mCYhpjgK%2FRW9qXRAgUH0WamelXvJZoGs1roDr7%2Bt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98c43aa2-FRA
326e163.js
ht1.presglobal.store/_nuxt/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/326e163.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2855bddd8066426e6bc6f524d022bdd904cae25b4d24934c31634cf488ff5f84

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6304
etag
W/"157f-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B0EioaqKn9sRP3cdlE4wJa4QVEaWzXFGTC3XLjSLa%2FWE%2BkwpWFslyGycHOSpZkzDUdGpWGE1VPq1Q2E%2BmQElL%2Bg8v4Zx6Vx0poYMh%2B3m%2FN8DRJq9AZt0SAiOSiHiVLUHLcJxltMs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98c73aa2-FRA
e893609.js
ht1.presglobal.store/_nuxt/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/e893609.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2a937b2109a4db1a358681788a8274e1a4f069d38ac75a79427dd0fd3d91d9b

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29574
etag
W/"18fa-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kCzxBQZmr5j73FB6Y1uUsPHpkLfrtnmbCdL7Uk66Ualpz4KkMC0AN%2FjuJiicIbPpHbKUOeXG%2FJta5K4O3HVcNYY6Iu18CteyFLelKFlPDUEZhq53K2YcHTMP9alT%2F7c%2F9MPfyjRo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98c93aa2-FRA
8901770.js
ht1.presglobal.store/_nuxt/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/_nuxt/8901770.js
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16ef0983d73eae433cfbcd8f254e3e8f13dc77f736d91045286a356a2870ee6f

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6304
etag
W/"c9c-190e10bafcd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xy3wsb7GDXPF%2BSOiihZN1%2B12%2FfQTuBwgNeSOHQs%2FGyekU7AghHEVNslhfk4V81yr2CHQY0stRHPXhs5yyzF7Yv9mLA8Acot8Gh%2BBcCM2KzaXepimtyueiP9mqUHF1y5IAH9JljcW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
8a84d52d98cb3aa2-FRA
logo.png
ht1.presglobal.store/assets/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/assets/images/logo.png
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b646d6b0037df884f6b04eb3083c0653b3c6416a8ef7f4d7ffa2f64773f46db

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Aug 2022 09:52:03 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=5916
etag
W/"171c-1827cde59b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLcVR8Oktt9ZaC%2FYxLB8fhGNqFBp8vcOUebJ4xx%2FnnOtkZLn4umVuI46O7NrF6f3trPWgR1g6X6itTtOKC0blHaLwYokexT95pRdCPplCZfKcrRq4ro%2BVpN%2BPjgyXn%2F%2BEI35KUUr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a84d52f8bac3aa2-FRA
content-length
5608
pres_logo-light.7f6de46.png
ht1.presglobal.store/_nuxt/img/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/_nuxt/img/pres_logo-light.7f6de46.png
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81b5decccdb6cc6ed71826d84f72f58bfb6c45f8b90a522c737f8a7ca9c645f

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
27789
cf-polished
origSize=17784
content-length
13691
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Jul 2024 19:22:37 GMT
server
cloudflare
etag
W/"4578-190e10baf91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jM421wUBTmwOr9mtiZ5IyB%2FVuwR%2BDRVuQOS0YG5eIn1aQ8af2mj%2B9XYpwYKAAXW2A77W4yhZZ7t7sLXKedrJHPRNPSHaQ9FIyTzfSGViKNorjaD0aKVIBHTG6CPH%2F3ggQk0RqQ7s"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a84d52f9baf3aa2-FRA
banner-bg.jpg
ht1.presglobal.store/assets/images/web-site/root/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/assets/images/web-site/root/banner-bg.jpg
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a6008809dda00054d2a5dc60c28974806290dd1ed19a61cf7fa3ecc5f5c2abe

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Aug 2022 09:52:03 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
degrade=85, origSize=12779
etag
W/"31eb-1827cde59b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EA26rw8pu38okXMk94TcXgpN7k5ojtip4%2Fpd7tfP7j7LHO94ITJdL25UMSvM8OokD9zj9cwF4W7%2BfD%2BveHpEcn%2Fgar7oYj4QLcXcfAZAh1gb3ZwZb5P2cW95RdvVACyI3tBry%2BRu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a84d5319f093aa2-FRA
content-length
10158
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 		394 KB
394 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.4.47
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin
https://ht1.presglobal.store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Jul 2024 15:09:42 GMT
x-content-type-options
nosniff
age
38485
x-jsd-version
7.4.47
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
403216
x-served-by
cache-fra-eddf8230112-FRA, cache-mrs10554-MRS
x-jsd-version-type
version
etag
W/"62710-TiD2zPQxmd6lyFsjoODwuoH/7iY"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ht1.presglobal.store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 11:48:58 GMT
x-content-type-options
nosniff
age
98444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 11:48:58 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ht1.presglobal.store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:01:56 GMT
x-content-type-options
nosniff
age
86866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:01:56 GMT
gtm.js
www.googletagmanager.com/ 		283 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-57NPZ3T
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/_nuxt/df51b1d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
f52dadfa99849c61f48fa58d9333df681c4564a4cb1e95a50e8dc064884dae2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100431
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jul 2024 15:09:42 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ht1.presglobal.store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:21:50 GMT
x-content-type-options
nosniff
age
85672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 15:21:50 GMT
api.js
www.google.com/recaptcha/ 		1 KB
976 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&hl=iw
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/_nuxt/f6e254a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
951f05ea89a89e1307e8b617fec15704a65f129f38305d6341c9a515150ac048
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 24 Jul 2024 15:09:42 GMT
header
ht1.presglobal.store/api/menus/ 		509 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/api/menus/header
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/_nuxt/fcec292.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bbdb7d351645cc4a7535932d72ba71a2f40dcdcdf0c0252afb7eb774f2e95902

Request headers

Accept
application/json, text/plain, */*
Referer
https://ht1.presglobal.store/
uuid
2a450987-f8ad-45cc-8ad1-44774c059e36
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"1fd-BdyBZHuS300mQsDkSlz1sq5Ylrc"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PiyovbwhLrPRiYHkPMIy9C%2BW6wX8zbE0%2FBtnGWsWyC0LZESoMwANv%2FgK442Dg%2Bq4Uotv14Bq8g8F5H0KEro7JzYmmViIXphBKmw9lf0Aj%2Bed32X9e9nf68bkLddzmgRnba7s%2BDPI"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
8a84d5344be03aa2-FRA
specialMessage
ht1.presglobal.store/api/menus/ 		2 B
352 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/api/menus/specialMessage?webSiteId=1&specialMessageId=0
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/_nuxt/fcec292.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/plain, */*
Referer
https://ht1.presglobal.store/
uuid
2a450987-f8ad-45cc-8ad1-44774c059e36
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hOvQfxKipkt8ZkXF5K6fD1MAdDMhca6%2Bo2B4iNtdMulXuPptSkU1A%2BXazIXhjncNObrLDkY%2BP9HiG50X%2B%2FaITxaFj87iRHlyhN8hMVL%2B8XyPiieJRnsnbqhYBIRSQ7VJv8Qb5tky"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
8a84d5344be33aa2-FRA
content-length
2
presentations
ht1.presglobal.store/api/ 		150 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/api/presentations?locationId=0&includeSynopsis=0
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/_nuxt/fcec292.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9e88e04659376496635402a9c4cfc974dda28add81654e0f6d6f65e06b36b352

Request headers

Accept
application/json, text/plain, */*
Referer
https://ht1.presglobal.store/
uuid
2a450987-f8ad-45cc-8ad1-44774c059e36
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2567d-6E9LadIisTBEgSdyzmKbwChDYYs"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WfK0hUPbqgy5M5eaT84jdv0MkLvC0LHZoQ0vuoThaCAcRxbyFoDOIH3p3dyc%2F9ezTHmxsnjMZNdd0wGonSjJBv3Ugu8lv%2FVy0awseIi45b%2BpY2ZlTvGzgn6ZYUSaCv81%2FPH8ZXaO"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
max-age=300
cf-ray
8a84d5344be73aa2-FRA
presentations
ht1.presglobal.store/api/ 		150 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/api/presentations
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/_nuxt/fcec292.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9e88e04659376496635402a9c4cfc974dda28add81654e0f6d6f65e06b36b352

Request headers

Accept
application/json, text/plain, */*
Referer
https://ht1.presglobal.store/
uuid
2a450987-f8ad-45cc-8ad1-44774c059e36
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"2567d-6E9LadIisTBEgSdyzmKbwChDYYs"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zdsBBsQYzSid%2BKpWoRrYR2vIzZXLNmh3fautSJThgQPt84Ccas1j1AxdxGOqr2t3gU0Wm1BZF3jXJQESrraYPdEkKIz7iZtoEj56APIBFxN5nXcwTlt9RM2PW4HUW3zc5x8nEWNH"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
max-age=300
cf-ray
8a84d5344be83aa2-FRA
widget_app_base_1721460856032.js
cdn.userway.org/widgetapp/2024-07-20-07-34-16/ 		154 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-20-07-34-16/widget_app_base_1721460856032.js
Requested by
Host: usrwy.com
URL: https://usrwy.com/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
9f95fd545c4749dfcf41f19494a6ba75651ab982f43476c3e67fce50ca909d21

Request headers

Referer
https://ht1.presglobal.store/
Origin
https://ht1.presglobal.store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Jul 2024 15:09:42 GMT
via
1.1 18a0c3f5e09e58d51d2e5d6f596d202e.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
240
x-amz-server-side-encryption
AES256
x-accel-date-max
1721461338
x-77-cache
HIT
x-cache
HIT
x-age
372444
x-accel-date
1721461338
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH33K4FAAwBisclxAH3EgAAAA
x-accel-expires
@1747381320
x-77-age
372444
last-modified
Sat, 20 Jul 2024 07:36:38 GMT
server
CDN77-Turbo
etag
W/"18499c11ae12fb42f1d0e4d029448919"
x-77-nzt-ray
cf87872787a961423619a166d9969729
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
8TdP37oEivS11MJ6FiOjBsMY0CHTARYRaDwcqx8olsBhVEuu83nCng==
banner.png
ht1.presglobal.store/assets/images/web-site/root/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/assets/images/web-site/root/banner.png
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf83179d79c142ad455bbc687d4773f7539aea24bc77be03b17e6a2b0f1740ae

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Aug 2022 09:52:03 GMT
server
cloudflare
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=98600
etag
W/"18128-1827cde59b8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8wuM4JNjDz381E47dYcsEub2kKSMvJx17E4ntIds8Fk0%2BZ3N5mEZx1PSN8TpiDGTB2UZSFOojlC0Ffu%2B8N7AjKHtz7cy2aitwgUbwhGGDTxPWChfMGd2CA2YdsaIVT6lBn4J5usI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
8a84d534bc7d3aa2-FRA
content-length
58889
js
www.googletagmanager.com/gtag/ 		295 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8DCP81EWH8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57NPZ3T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2e9dab74046525246a32127f7f57091c846511f2cf91e902419897eaae297a04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102457
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jul 2024 15:09:42 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57NPZ3T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 24 Jul 2024 14:38:56 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1846
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 24 Jul 2024 16:38:56 GMT
destination
www.googletagmanager.com/gtag/ 		263 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10809218480&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57NPZ3T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0657fd3ba074d090e9c26231f14307904941d672d2679f959178f55ea14d4951
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jul 2024 15:09:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57NPZ3T
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Jul 2024 15:09:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=12, mss=1380, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Ugqu47Z9FR+kH/LaaeeFv14FEbBVmasBeiDV95NP0shQBxybAJPJ4ZrXKlc1Vm11Exyqp3WZQlVUn5VA1B175g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/ 		536 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__iw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onRecaptchaLoad&hl=iw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
c53892b027ffd92bf2365a431c361a6e51003a0bcd91c915aa346d5e7300ae1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
Origin
https://ht1.presglobal.store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 15:22:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85646
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217635
x-xss-protection
0
last-modified
Mon, 22 Jul 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 23 Jul 2025 15:22:17 GMT
LGfvDUYKC3
api.userway.org/api/tunings/ 		308 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/tunings/LGfvDUYKC3
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-20-07-34-16/widget_app_base_1721460856032.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.163.236.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-236-72.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
472f4e19f3b4f84d80b0e56b771b55e2baee3e2a68e9c960c594b576e66535b7

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 24 Jul 2024 15:09:43 GMT
etag
W/"134-8x+1lwMZttXWiuLUaiH4gJ0ZNK8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-service-request-id
usra550d1cfa4e4438
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
308
x-service-version
uw-pr
register-conversion
www.google-analytics.com/privacy-sandbox/
Redirect Chain
  • https://analytics.google.com/g/collect?v=2&tid=G-8DCP81EWH8&gtm=45je47h0v872861651z8859471316za200zb859471316&_p=1721833782055&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=550227770.1721833783&u...
  • https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=550227770.1721833783&dbk=7505284740993735332&dma=0&en=page_view&gtm=45je47h0v872861651z8859471316za200zb859471316&npa=0...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=550227770.1721833783&dbk=7505284740993735332&dma=0&en=page_view&gtm=45je47h0v872861651z8859471316za200zb859471316&npa=0&tid=G-8DCP81EWH8&dl=https%3A%2F%2Fht1.presglobal.store%3F
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H3
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
attribution-reporting-register-trigger
{"aggregatable_trigger_data":[{"key_piece":"0x6f2039cae968ca6e","source_keys":["1"]},{"key_piece":"0x2d9d94daa8c607dc","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"7505284740993735332","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"}],"filters":{"2":["11078117571"],"5":["07-24","07-23","07-22"]}}
date
Wed, 24 Jul 2024 15:09:43 GMT
server
Golfe2
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
server
Golfe2
content-type
text/html; charset=UTF-8
location
https://www.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=550227770.1721833783&dbk=7505284740993735332&dma=0&en=page_view&gtm=45je47h0v872861651z8859471316za200zb859471316&npa=0&tid=G-8DCP81EWH8&dl=https%3A%2F%2Fht1.presglobal.store%3F
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
484
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8DCP81EWH8&cid=550227770.1721833783&gtm=45je47h0v872861651z8859471316za200zb859471316&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8DCP81EWH8&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ht1.presglobal.store
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8DCP81EWH8&cid=550227770.1721833783&gtm=45je47h0v872861651z8859471316za200zb859471316&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=75039436
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10809218480/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10809218480/?random=1721833783003&cv=11&fst=1721833783003&bg=ffffff&guid=ON&async=1&gtm=45be47h0v873244463z8859471316za201zb859471316&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fht1.presglobal.store%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%AA%D7%90%D7%98%D7%A8%D7%95%D7%9F%20%D7%97%D7%99%D7%A4%D7%94&npa=0&pscdl=noapi&auid=726787257.1721833783&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10809218480&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
4ca1fdad8de43719db950c1a11b5e370c2e468a555161a746f1ffd2cccfb4df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1376
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1930456016&t=pageview&_s=1&dl=https%3A%2F%2Fht1.presglobal.store%2F&ul=he-il&de=UTF-8&dt=%D7%AA%D7%90%D7%98%D7%A8%D7%95%D7%9F%20%D7%97%D7%99%D7%A4%D7%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=935598185&gjid=1748275849&cid=550227770.1721833783&tid=UA-222523579-1&_gid=637615031.1721833783&_slc=1&gtm=45He47h0n8157NPZ3Tv859471316za200&gcd=13l3l3l3l1&dma=0&tag_exp=0&z=894591921
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1ac6ba8940ad1740a55b0ddf12a2b5c1be9f9b66581680a8bc6aec1ae71c4f77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ht1.presglobal.store
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
349 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-222523579-1&cid=550227770.1721833783&jid=935598185&gjid=1748275849&_gid=637615031.1721833783&_u=YCDAgEABAAAAAGAAI~&z=1225169965
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 24 Jul 2024 15:09:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ht1.presglobal.store
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		259 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5EVV23HC26&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b4cdb6058336024dfc70807919a813365e30924f1579a28484849892ae119f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:43 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93503
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 24 Jul 2024 15:09:43 GMT
1504767689864705
connect.facebook.net/signals/config/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1504767689864705?v=2.9.162&r=stable&domain=ht1.presglobal.store&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
d19cbddff887c8ea0b6772e29194adff9e5881352a6db3f3da8394c1c503c6ba
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Jul 2024 15:09:43 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=62, mss=1380, tbw=64211, tp=-1, tpl=-1, uplat=122, ullat=0
pragma
public
x-fb-debug
W+dxsyMbJHCyI+dKvriEwBLg33ZbhQaGD186t8Q8nK1mABn9pQx14mIPlcIZeb0TmpcuPwZsCMLwaqdSE1xRZA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame B49A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfR_qAUAAAAACi2MQpvO91I-hBUTMBjZfjJq3_7&co=aHR0cHM6Ly9odDEucHJlc2dsb2JhbC5zdG9yZTo0NDM.&hl=iw&v=Xv-KF0LlBu_a0FJ9I5YSlX5m&size=invisible&badge=bottomleft&cb=srk5bf5tfsnm
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Xv-KF0LlBu_a0FJ9I5YSlX5m/recaptcha__iw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q7WUioZKXv_AdVXO2r4VCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ht1.presglobal.store/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Q7WUioZKXv_AdVXO2r4VCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 24 Jul 2024 15:09:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/10809218480/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10809218480/?random=1721833783003&cv=11&fst=1721833200000&bg=ffffff&guid=ON&async=1&gtm=45be47h0v873244463z8859471316za201zb859471316&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fht1.presglobal.store%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%AA%D7%90%D7%98%D7%A8%D7%95%D7%9F%20%D7%97%D7%99%D7%A4%D7%94&npa=0&pscdl=noapi&auid=726787257.1721833783&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLRRM63-iScMlAHIPiy8_O0WoZI8Cf8g&random=657722496&rmt_tld=0&ipr=y
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.co.il/pagead/1p-user-list/10809218480/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/pagead/1p-user-list/10809218480/?random=1721833783003&cv=11&fst=1721833200000&bg=ffffff&guid=ON&async=1&gtm=45be47h0v873244463z8859471316za201zb859471316&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fht1.presglobal.store%2F&hn=www.googleadservices.com&frm=0&tiba=%D7%AA%D7%90%D7%98%D7%A8%D7%95%D7%9F%20%D7%97%D7%99%D7%A4%D7%94&npa=0&pscdl=noapi&auid=726787257.1721833783&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLRRM63-iScMlAHIPiy8_O0WoZI8Cf8g&random=657722496&rmt_tld=1&ipr=y
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1504767689864705&ev=PageView&dl=https%3A%2F%2Fht1.presglobal.store%2F&rl=&if=false&ts=1721833783517&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1721833783516.335262633158721618&ler=empty&cdl=API_unavailable&it=1721833783253&coo=false&tm=1&rqm=GET
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1380, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Jul 2024 15:09:43 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1504767689864705&ev=PageView&dl=https%3A%2F%2Fht1.presglobal.store%2F&rl=&if=false&ts=1721833783517&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1721833783516.335262633158721618&ler=empty&cdl=API_unavailable&it=1721833783253&coo=false&tm=1&rqm=FGET
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Wed, 24 Jul 2024 15:09:43 GMT
document-policy
force-load-at-top
x-fb-server-load
47
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7395219787840136129", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1380, tbw=3101, tp=-1, tpl=-1, uplat=143, ullat=0
pragma
no-cache
x-fb-debug
yWFCgIHr4QG1Dib2GDGyTPEjvNJ6FDoIN2jsu59MN/KeqBASqw9P8oOexHUb0iKccaIe4UVPYMOWIuripT8gnQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7395219787840136129"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-5EVV23HC26&gtm=45je47h0v9124177612za200&_p=1721833782055&_gaz=1&gcd=13l3l3l3l2&npa=0&dma=0&tag_exp=0&ul=he-il&sr=1600x1200&cid=550227770.1721833783&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fht1.presglobal.store%2F&dt=%D7%AA%D7%90%D7%98%D7%A8%D7%95%D7%9F%20%D7%97%D7%99%D7%A4%D7%94&sid=1721833783&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3838&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EVV23HC26&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ht1.presglobal.store
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-5EVV23HC26&cid=550227770.1721833783&gtm=45je47h0v9124177612za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5EVV23HC26&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ht1.presglobal.store
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-5EVV23HC26&cid=550227770.1721833783&gtm=45je47h0v9124177612za200&aip=1&dma=0&gcd=13l3l3l3l2&npa=0&frm=0&z=2043565636
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
he.json
cdn.userway.org/widgetapp/2024-07-20-07-34-16/locales/ 		727 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/widgetapp/2024-07-20-07-34-16/locales/he.json
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-20-07-34-16/widget_app_base_1721460856032.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c55af41fd0961f0ce93bde12f2d615b8680315d61a2d9a87518a77d0bd021421

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Jul 2024 15:09:43 GMT
via
1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
235
x-amz-server-side-encryption
AES256
x-accel-date-max
1721461344
x-77-cache
HIT
x-cache
HIT
x-age
372439
x-accel-date
1721461344
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH3164FAAwBisclxAH3GQAAAA
x-accel-expires
@1747381319
x-77-age
372439
last-modified
Sat, 20 Jul 2024 07:36:38 GMT
server
CDN77-Turbo
etag
W/"5eab77cf464027402046f46dae1404b0"
x-77-nzt-ray
cf87872787a961423719a166862f192d
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
Iomas9fihoHvnoCpJkthILthOd0ZbE3CaDIG6_YyRR_bjOvFXNooZQ==
remediation-tool-free.js
cdn.userway.org/remediation/2024-07-20-07-34-16/free/ 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.userway.org/remediation/2024-07-20-07-34-16/free/remediation-tool-free.js?ts=1721460856032
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-20-07-34-16/widget_app_base_1721460856032.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
78793ed6af79a53f0a983daa7bf01fb2151d5c76938994e9a0a3f9b820714c42

Request headers

Referer
https://ht1.presglobal.store/
Origin
https://ht1.presglobal.store
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Jul 2024 15:09:44 GMT
via
1.1 adffa554e502bb59dc89f14ddc6170ce.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
236
x-amz-server-side-encryption
AES256
x-accel-date-max
1721461340
x-77-cache
HIT
x-cache
HIT
x-age
372444
x-accel-date
1721461340
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH33K4FAAwB1GY4EQH3FQAAAA
x-accel-expires
@1747381319
x-77-age
372444
last-modified
Sat, 20 Jul 2024 07:36:43 GMT
server
CDN77-Turbo
etag
W/"9db409bc341a6520412b5c42d90785b2"
x-77-nzt-ray
cf87872718a3e1be3819a1661aa9770f
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
EU_qSV_r6pViffcJ4upaAugOwkqCccoJ5D9-TC8gFrd6duxjVS_7NQ==
body_wh.svg
cdn.userway.org/widgetapp/images/ 		4 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/body_wh.svg
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Jul 2024 15:09:44 GMT
via
1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
8
x-amz-server-side-encryption
AES256
x-accel-date-max
1721461338
x-77-cache
HIT
x-cache
HIT
x-age
372446
x-accel-date
1721461338
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH33q4FAAwBnJIhHwH3EAAAAA
x-accel-expires
@1747381322
x-77-age
372446
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-nzt-ray
cf87872791adb9c93819a16694ea0618
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
KnfShYYYF0Sxz7mtqQLZETDGS35LyqlTlVKxHmDZonvjVZh_Kx9NTA==
spin_wh.svg
cdn.userway.org/widgetapp/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.userway.org/widgetapp/images/spin_wh.svg
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
156.146.33.140 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
663193551.fra.cdn77.com
Software
CDN77-Turbo /
Resource Hash
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 24 Jul 2024 15:09:44 GMT
via
1.1 004e894746bfb0d8f9e19ef0400dda24.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P10
age
8
x-amz-server-side-encryption
AES256
x-accel-date-max
1721461338
x-77-cache
HIT
x-cache
HIT
x-age
372446
x-accel-date
1721461338
alt-svc
h3=":443"; ma=86400
x-77-nzt
EgwBnJIhiwH33q4FAAwBnJIhHwH3EAAAAA
x-accel-expires
@1747381322
x-77-age
372446
last-modified
Fri, 22 Mar 2024 12:49:37 GMT
server
CDN77-Turbo
etag
W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-nzt-ray
cf87872791adb2c93819a166cc4cfe17
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, POST, DELETE
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
max-age=25920000, public
vary
Accept-Encoding
x-amz-cf-id
1IeBNz7AZNWYqgYDvqv1r_7okTNvf-3bkmd0LShZ3XCFkTp0Rnk7PQ==
favicon.ico
ht1.presglobal.store/ 		78 B
464 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
560a481d94b94be28e45a6ee498682f92b2eb99f8f6f5956c9aad969f61ee5e5

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:45 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
x-placeholder
image
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSLaTRYZV4HS5EYC6uCcaTEL6d8f7UYgDJcxmc5UXqXWPPlbLQmE%2Fajk2l8SN%2BSDgPUyRm0IR5yNNGEVHo23S%2B43FOrq2jNs%2FUEIinc3ACYSOlidWTQWiPl1HNSzhU0tTY%2F34wrC"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cf-ray
8a84d5445c3d3aa2-FRA
content-length
78
expires
0
scripts
ht1.presglobal.store/api/ 		0
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ht1.presglobal.store/api/scripts?type=head&featureId=0&presentationId=0&miniSiteUrl=
Requested by
Host: ht1.presglobal.store
URL: https://ht1.presglobal.store/_nuxt/fcec292.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://ht1.presglobal.store/
uuid
2a450987-f8ad-45cc-8ad1-44774c059e36
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SiQaG1h2KvSbCozh9rWOSBOSFysV%2Fl8QTqlvfnoDLoW%2Bkm1N7BNPUq3YIiV0EO5pav1%2BqBnyNRQDI7eTWsj332gUy3jK%2FnD6aRHHS2HlJLfvFdfO2a%2F7EToxi7m58T7gfLgvyIN2"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
8a84d5464f823aa2-FRA
coverImage
ht1.presglobal.store/api/features/2038/ 		268 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/2038/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fa8243d2e9496e86d049b93d4115788799ec1f20cec4e193f2d9bb25390e79fa

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2adbEEkmnlLzxedVHWUn3U6BO6SCAB8RCkIwk6cHJWsicbVNjR7fkjnmthKf4dgFb%2ByAvyS9vtDd8PvU2Datl9xVYOXERw4s5lbdXo8mp4NRiXHQvlyrmZ%2Bi5ijDL42jsgwcuo8k"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549ac993aa2-FRA
content-length
274417
coverImage
ht1.presglobal.store/api/features/1909/ 		286 KB
286 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/1909/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
54c7e9c2182edd5d0fe686f63d3de5e78ed93ad30150264e15e9bdb265827fd8

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gjzTke%2Fq5nTemFWDyvRtlsGBc%2Bi3aMq7xdFe2rUES%2F5XCt1wlF3kTFKTpHcjIe8FsAlGT2lvgisdtx5wjVZnsvTqD1FQin2W15EYp%2FqXbyXK8VJF6MO3g0w2Ruh%2FHW3y%2FrSguJOH"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549ac9f3aa2-FRA
content-length
292500
coverImage
ht1.presglobal.store/api/features/1954/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/1954/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f8cad0bda75b6249ab95f23dc39e89f489837fa9d2c65f5ab1dea7018d6abb40

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BLL9NTiviD5hJPp8UIIhx7IKcQTeI0DUNm72t%2Fvb0lFkTdQaulM%2FTgW4abrUtRmEIPnhK%2Fu7PZowFKw4BChGHK%2Bkrs9LxQDlITGOST91V3qLnc0SuTPwe2SwQ4DQKJuCxrRzx7Q"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549aca23aa2-FRA
content-length
3369173
coverImage
ht1.presglobal.store/api/features/1996/ 		298 KB
298 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/1996/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f729cab0f6c2b0d03b8c6031a74e99dec91a0bcba3cf5f18c4c7070f4d00d88d

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xt%2FDwocN7YBoXqz1bKmI3a2pp5oAnB%2FZR6bpv2PPOu3I%2BDBWmB16rTtwRbh80QZg%2B9Dq465f0IL0VCdl3FzDwB79xCPUhXzn1jun3l6hiX3Iq2%2FO3L9kDuiZisGwjy4jXPby1VrQ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549aca43aa2-FRA
content-length
304850
coverImage
ht1.presglobal.store/api/features/1928/ 		362 KB
363 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/1928/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c2fe133b0e119b4fec20068337ccfa0a3a13596652be5e85b4f68a12bc71a90b

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2FuUB3W2ytOaD5rlY9XQZoJnXw7fKtolRagc1HmdRDCwNOgJh82WO2CGC79DmIcU8o09IgL0oQz7gEnm4fkj6OAdYGEmSy%2FCcZcSS5hOoJ%2Bh23rBaFJcpnQ14rHsxg3tG58AIJ2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549acab3aa2-FRA
content-length
370585
coverImage
ht1.presglobal.store/api/features/1983/ 		687 KB
688 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/1983/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e49dda1506b29d4a7ee9c65d525669a249dea2e0a2c583ace4106e9ad8a1165b

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCSEN2WRzhWanAQqVEskeZbQs4E6vh%2FRPxRgFelfTtrwmxTrvL4AX2uc%2BSqRGsh7A0Tp23kJ3tDBSoX5t7Prpu9b6OL4tSvIrJW%2Bq1AJfiIE2sxOvycevo9w6XFxvTRAzxJCETlJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549acac3aa2-FRA
content-length
703473
coverImage
ht1.presglobal.store/api/features/1514/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/1514/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3b4ec5caa59b75a761edda0d341682bebf675f0f5b0fe8ab3d7660ced75340e3

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pus%2BVJSj8BmmiWbEQC4wuYM18gJ1lqD9VCsVD5iWp1PK5iQvsu46PD9%2BKRn7UbeY8ph9iaZfko03%2BZJaidsLfOx5sH%2BvT2USYlViPldrtsdGxMV7lI3Rb3eig2U2Qdotoh4YGD7p"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549acad3aa2-FRA
content-length
60681
coverImage
ht1.presglobal.store/api/features/1970/ 		281 KB
281 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/1970/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cd740dfa723c5732b9e83d239502bf05bc72dbec42c8a389c54600dfd3b05491

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6NU%2BHyeXCxlO%2FCoau5GO7HkcO5IviBOKSVdM5wLhjlcd1WrFRJSTc85S3ie37F1B1NRSPO0T0Ci%2Bi4xzf2yVMmoV0KVL6IcS4tUYbeRROOB2ANcruPad99LnNWb4vZrGVlzBwOeW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549acb03aa2-FRA
content-length
287257
coverImage
ht1.presglobal.store/api/features/2002/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ht1.presglobal.store/api/features/2002/coverImage?raw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
439de80cc42e220442d993feceb5341b3c05269a9ef692d1e73bfe2c09c494dc

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6JFRMJwLj6pmbwSjJcswqusRb6Sd3i4JunZWLuEk1jTjmUgPlu3MBhArP%2Fvh%2B8CxNbc4p28R2V5XlgnlB89uMpU3HUYm5WM%2BCCZ8ygqFQvj8spHmSt62cUtzwrekxwWLXyMhl4U8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cf-ray
8a84d549acb23aa2-FRA
content-length
4722308
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8DCP81EWH8&gtm=45je47h0v872861651za200zb859471316&_p=1721833782055&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=550227770.1721833783&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1721833782&sct=1&seg=0&dl=https%3A%2F%2Fht1.presglobal.store%2F&dt=%D7%AA%D7%90%D7%98%D7%A8%D7%95%D7%9F%20%D7%97%D7%99%D7%A4%D7%94&en=scroll&epn.percent_scrolled=90&_et=18&tfd=8232&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8DCP81EWH8&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 15:09:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ht1.presglobal.store
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fht1.presglobal.store%2F/DESKTOP/WIDGET_OFF/ 		77 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fht1.presglobal.store%2F/DESKTOP/WIDGET_OFF/status
Requested by
Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-07-20-07-34-16/widget_app_base_1721460856032.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.163.236.72 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-163-236-72.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer
https://ht1.presglobal.store/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 15:09:49 GMT
etag
W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, PUT, PATCH, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Range, Content-Length, ETag, Content-Type
cache-control
no-cache, no-store, must-revalidate
vary
Accept-Encoding
access-control-allow-headers
*
content-length
77
x-service-version
seo-w-4014e313

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| UserWayWidgetApp object| _userway_config object| vdo_player_webpackJsonp object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| VdoPlayer object| vdo object| __NUXT__ object| webpackJsonp object| onNuxtReadyCbs function| onNuxtReady object| FontAwesomeConfig object| ___FONT_AWESOME___ object| dataLayer function| Hammer object| $nuxt function| onRecaptchaLoad function| onRecaptchaSuccess function| onRecaptchaFailure object| seatmapColors object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| CONTROLS_WITH_TEXT_TAGS object| INPUT_TYPES_WITH_TEXT_CONTENT function| isInputElementWithText function| isDirectParentOfText object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream boolean| _userway function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO object| gaplugins object| gaData object| recaptcha object| closure_lm_136313 object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async

11 Cookies

Domain/Path Name / Value
ht1.presglobal.store/ Name: uuid
Value: 2a450987-f8ad-45cc-8ad1-44774c059e36
.presglobal.store/ Name: _gcl_au
Value: 1.1.726787257.1721833783
.presglobal.store/ Name: _ga_8DCP81EWH8
Value: GS1.1.1721833782.1.0.1721833782.60.0.0
.presglobal.store/ Name: _ga
Value: GA1.2.550227770.1721833783
.presglobal.store/ Name: _gid
Value: GA1.2.637615031.1721833783
.presglobal.store/ Name: _dc_gtm_UA-222523579-1
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.www.google-analytics.com/ Name: ar_debug
Value: 1
.presglobal.store/ Name: _fbp
Value: fb.1.1721833783516.335262633158721618
.presglobal.store/ Name: _ga_5EVV23HC26
Value: GS1.2.1721833783.1.0.1721833783.60.0.0
ht1.presglobal.store/ Name: session
Value: s%3AHejdoLjEybddUnI0NSrxOPA_YT_uJAqf.R%2F7GsvKuWS5xYIhLIrToyVGF8L5FWnfL4wqk7Rkytwo

1 Console Messages

Source Level URL
Text
network error URL: https://ht1.presglobal.store/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.userway.org
cdn-gce.vdocipher.com
cdn.jsdelivr.net
cdn.userway.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ht1.presglobal.store
stats.g.doubleclick.net
tickets.ht1.co.il
usrwy.com
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googletagmanager.com
www.gstatic.com
142.250.181.227
142.250.184.228
142.250.186.136
142.250.186.163
142.250.186.35
142.250.186.42
142.250.186.98
151.101.129.229
156.146.33.140
157.240.0.6
157.240.253.35
172.67.72.22
18.239.18.93
18.239.69.124
185.127.16.226
216.239.38.178
216.239.38.181
35.163.236.72
74.125.206.157
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
0657fd3ba074d090e9c26231f14307904941d672d2679f959178f55ea14d4951
16ef0983d73eae433cfbcd8f254e3e8f13dc77f736d91045286a356a2870ee6f
1ac6ba8940ad1740a55b0ddf12a2b5c1be9f9b66581680a8bc6aec1ae71c4f77
1b646d6b0037df884f6b04eb3083c0653b3c6416a8ef7f4d7ffa2f64773f46db
1fa2f651f5f34535a6efd363e4943af779a378369324764e5bee7d63088d4a29
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
2855bddd8066426e6bc6f524d022bdd904cae25b4d24934c31634cf488ff5f84
2e9dab74046525246a32127f7f57091c846511f2cf91e902419897eaae297a04
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
3b4ec5caa59b75a761edda0d341682bebf675f0f5b0fe8ab3d7660ced75340e3
3f39dc11fcb459f58e770efc7ca21e167b01c93c2472ad3553ac1a04d9bda294
439de80cc42e220442d993feceb5341b3c05269a9ef692d1e73bfe2c09c494dc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
472f4e19f3b4f84d80b0e56b771b55e2baee3e2a68e9c960c594b576e66535b7
4899e63e9c24b89dc591cfe928839f8b00b26d74deb9840d3e97113ad4beca0a
4ca1fdad8de43719db950c1a11b5e370c2e468a555161a746f1ffd2cccfb4df1
54c7e9c2182edd5d0fe686f63d3de5e78ed93ad30150264e15e9bdb265827fd8
560a481d94b94be28e45a6ee498682f92b2eb99f8f6f5956c9aad969f61ee5e5
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78793ed6af79a53f0a983daa7bf01fb2151d5c76938994e9a0a3f9b820714c42
7a6008809dda00054d2a5dc60c28974806290dd1ed19a61cf7fa3ecc5f5c2abe
8118ea6fb60e579373f955ca63a8cf96a4deb612c2e76e3b170a39e3edcbd75e
94a05e18acdbeb5a728e179cb11390b68ba86336b8538f8cc2b7c6cede45ff74
951f05ea89a89e1307e8b617fec15704a65f129f38305d6341c9a515150ac048
952bed69c5d6160fb43b52ba4292cd7e5a6d41e0fd00bd2c3ce9afc1e8c6eb32
9e88e04659376496635402a9c4cfc974dda28add81654e0f6d6f65e06b36b352
9f95fd545c4749dfcf41f19494a6ba75651ab982f43476c3e67fce50ca909d21
a0e848d082976c1b0189b35fbc217c65dfd5434a3232e631f015fd950cfc237e
a2a937b2109a4db1a358681788a8274e1a4f069d38ac75a79427dd0fd3d91d9b
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4cdb6058336024dfc70807919a813365e30924f1579a28484849892ae119f68
b81b5decccdb6cc6ed71826d84f72f58bfb6c45f8b90a522c737f8a7ca9c645f
bbdb7d351645cc4a7535932d72ba71a2f40dcdcdf0c0252afb7eb774f2e95902
bf83179d79c142ad455bbc687d4773f7539aea24bc77be03b17e6a2b0f1740ae
c2fe133b0e119b4fec20068337ccfa0a3a13596652be5e85b4f68a12bc71a90b
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c53892b027ffd92bf2365a431c361a6e51003a0bcd91c915aa346d5e7300ae1c
c55af41fd0961f0ce93bde12f2d615b8680315d61a2d9a87518a77d0bd021421
caad5321aff4f00727af02b00819b138bd18501e9259ecac8c5a6751cd5c5a77
cd740dfa723c5732b9e83d239502bf05bc72dbec42c8a389c54600dfd3b05491
d19cbddff887c8ea0b6772e29194adff9e5881352a6db3f3da8394c1c503c6ba
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49dda1506b29d4a7ee9c65d525669a249dea2e0a2c583ace4106e9ad8a1165b
e8080e206bda9cd75072a4a2e508a1c7c189b39194687fe248ef7ca78705d86c
e851f2c2279a44675b78aac5c5482cfd87cf7c7b807e1631b68292c723b6423d
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f52dadfa99849c61f48fa58d9333df681c4564a4cb1e95a50e8dc064884dae2b
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f729cab0f6c2b0d03b8c6031a74e99dec91a0bcba3cf5f18c4c7070f4d00d88d
f8cad0bda75b6249ab95f23dc39e89f489837fa9d2c65f5ab1dea7018d6abb40
fa8243d2e9496e86d049b93d4115788799ec1f20cec4e193f2d9bb25390e79fa