urlscan.io logo urlscan.io
SecurityTrails logo

www.zahav.ru Open in urlscan Pro
18.245.86.11  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.zahav.ru/
Submission: On October 25 via api from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 113 IPs in 14 countries across 95 domains to perform 901 HTTP transactions. The main IP is 18.245.86.11, located in United States and belongs to AMAZON-02, US. The main domain is www.zahav.ru. The Cisco Umbrella rank of the primary domain is 511930.
TLS certificate: Issued by R3 on September 11th 2023. Valid for: 3 months.
This is the only time www.zahav.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 18.245.86.11 16509 (AMAZON-02)
23 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:212... 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:26f0:310... 20940 (AKAMAI-ASN1)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
1 205.185.216.42 20446 (STACKPATH...)
9 2a00:1450:400... 15169 (GOOGLE)
54 151.101.129.44 54113 (FASTLY)
32 193.150.127.23 56839 (DABLTECH)
16 193.150.127.28 56839 (DABLTECH)
10 2a09:7c44::22c9 44477 (STARK-IND...)
2 23.23.211.254 14618 (AMAZON-AES)
1 2a04:4e42:400... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.224.189.103 16509 (AMAZON-02)
10 99.86.4.102 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 18.66.188.223 16509 (AMAZON-02)
1 51.77.64.70 16276 (OVH)
8 34.160.198.118 15169 (GOOGLE)
1 142.250.184.198 15169 (GOOGLE)
1 23.32.185.60 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 65.9.94.14 16509 (AMAZON-02)
9 65.9.95.54 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 2a02:2638:3::c 44788 (ASN-CRITE...)
1 16 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.35.236.201 16625 (AKAMAI-AS)
9 104.22.69.131 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
9 2a02:6b8::90 208722 (GLOBAL_DC)
2 6 51.38.120.206 16276 (OVH)
13 2602:803:c003... 26667 (RUBICONPR...)
9 25 104.18.27.193 13335 (CLOUDFLAR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 95.101.149.35 16625 (AKAMAI-AS)
9 34.149.20.76 15169 (GOOGLE)
1 185.184.8.90 204995 (RTB-HOUSE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 35.227.252.103 15169 (GOOGLE)
95 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
4 204.237.133.116 3257 (GTT-BACKB...)
15 23 185.89.211.116 29990 (ASN-APPNEX)
2 46.228.174.115 56396 (AMOBEE)
60 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:2638:3::12 44788 (ASN-CRITE...)
12 2a00:1450:400... 15169 (GOOGLE)
4 52.222.214.57 16509 (AMAZON-02)
2 34.95.69.49 396982 (GOOGLE-CL...)
32 2a02:2638:3::3 44788 (ASN-CRITE...)
4 178.250.1.6 44788 (ASN-CRITE...)
19 2a02:2638:3::10 44788 (ASN-CRITE...)
7 2a02:2638:3::1a 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.65.44 54113 (FASTLY)
26 141.226.228.48 200478 (TABOOLA-AS)
1 18.195.23.231 16509 (AMAZON-02)
14 2a00:1450:400... 15169 (GOOGLE)
56 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:d::c 44788 (ASN-CRITE...)
23 72 142.250.185.194 15169 (GOOGLE)
7 34.98.64.218 396982 (GOOGLE-CL...)
1 8 2.16.97.41 16625 (AKAMAI-AS)
1 3.75.62.37 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
2 2 35.204.74.118 396982 (GOOGLE-CL...)
4 4 37.157.4.29 198622 (ADFORM)
3 3 13.248.245.213 16509 (AMAZON-02)
2 81.17.55.109 60781 (LEASEWEB-...)
2 4 35.156.144.107 16509 (AMAZON-02)
1 2620:116:800d... 16509 (AMAZON-02)
2 2 3.121.79.42 16509 (AMAZON-02)
3 3 98.98.134.243 21859 (ZEN-ECN)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 35.214.162.244 15169 (GOOGLE)
12 142.250.185.66 15169 (GOOGLE)
3 5 46.228.164.11 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 5 2a05:d018:d29... 16509 (AMAZON-02)
3 3 213.155.156.167 1299 (TWELVE99 ...)
3 3 69.173.144.138 26667 (RUBICONPR...)
6 6 46.228.174.117 56396 (AMOBEE)
3 6 54.170.10.64 16509 (AMAZON-02)
2 104.18.25.18 13335 (CLOUDFLAR...)
1 67.202.105.24 32748 (STEADFAST)
6 184.30.22.30 16625 (AKAMAI-AS)
2 138.201.84.252 24940 (HETZNER-AS)
4 3.33.220.150 16509 (AMAZON-02)
9 2600:9000:223... 16509 (AMAZON-02)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 4 138.201.63.116 24940 (HETZNER-AS)
1 4 159.69.70.9 24940 (HETZNER-AS)
3 3 85.114.159.118 24961 (MYLOC-AS ...)
4 4 178.250.1.9 44788 (ASN-CRITE...)
3 3 198.47.127.19 62713 (AS-PUBMATIC)
2 3 63.251.14.3 32475 (SINGLEHOP...)
3 2600:9000:211... 16509 (AMAZON-02)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
3 69.192.160.219 16625 (AKAMAI-AS)
3 69.173.144.139 26667 (RUBICONPR...)
1 2 209.54.182.161 16509 (AMAZON-02)
2 2 54.83.105.107 14618 (AMAZON-AES)
2 2 13.32.27.113 16509 (AMAZON-02)
1 1 193.0.160.131 54312 (ROCKETFUEL)
1 35.244.174.68 15169 (GOOGLE)
1 1 63.35.103.141 16509 (AMAZON-02)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
1 141.226.224.32 200478 (TABOOLA-AS)
2 4 145.239.193.130 16276 (OVH)
22 2600:1f13:800... 16509 (AMAZON-02)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 8.2.108.194 46636 (NATCOWEB)
1 1 37.157.2.229 198622 (ADFORM)
1 52.214.242.163 16509 (AMAZON-02)
1 1 2a02:2638:3::6 44788 (ASN-CRITE...)
2 2 3.120.242.65 16509 (AMAZON-02)
1 1 184.86.251.85 20940 (AKAMAI-ASN1)
1 52.58.207.165 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 142.250.184.194 ()
901 113
31    18.245.86.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-11.fra60.r.cloudfront.net
www.zahav.ru
23    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2600:9000:2127:3600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2606:4700:20::681a:e02 (United States)

ASN13335 (CLOUDFLARENET, US)
images.newsru.co.il
3    2606:4700:20::ac43:45a5 (United States)

ASN13335 (CLOUDFLARENET, US)
detaly.co.il
1    2606:4700:3031::ac43:9d28 (United States)

ASN13335 (CLOUDFLARENET, US)
mignews.com
1    2606:4700:10::ac43:f51 (United States)

ASN13335 (CLOUDFLARENET, US)
www.9tv.co.il
1    2a02:26f0:3100:288::f33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ichef.bbci.co.uk
3    2606:4700::6813:9722 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
6    2606:4700:3036::6815:43eb (United States)

ASN13335 (CLOUDFLARENET, US)
pogoda.co.il
1    205.185.216.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map2.hwcdn.net
cdn.valuad.cloud
9    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
54    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
32    193.150.127.23 (Israel)

ASN56839 (DABLTECH, IL)
doska.zahav.ru
16    193.150.127.28 (Israel)

ASN56839 (DABLTECH, IL)
date.zahav.ru
10    2a09:7c44::22c9 (Meppel, Netherlands)

ASN44477 (STARK-INDUSTRIES, GB)
freecurrencyrates.com
2    23.23.211.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-211-254.compute-1.amazonaws.com
ping.chartbeat.net
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
4    2a00:1450:4001:803::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
hb-dot-valuad.appspot.com
1    13.224.189.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-103.fra2.r.cloudfront.net
ecdn.analysis.fi
10    99.86.4.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-102.fra6.r.cloudfront.net
ecdn.firstimpression.io
2    2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.188.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-188-223.muc50.r.cloudfront.net
d2xerlamkztbb1.cloudfront.net
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
8    34.160.198.118 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 118.198.160.34.bc.googleusercontent.com
images.wcdn.co.il
1    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
ad.doubleclick.net
1    23.32.185.60 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-60.deploy.static.akamaitechnologies.com
widgets.outbrain.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    65.9.94.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-94-14.prg50.r.cloudfront.net
d221oziut8gs4d.cloudfront.net
9    65.9.95.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-54.prg50.r.cloudfront.net
cdn.firstimpression.io
1    2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
16    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
9    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    2a02:fa8:8806:20::2100 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
9    2a02:6b8::90 (Ulyanovsk, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
bs.yandex.ru
6    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
13    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
25    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
r.casalemedia.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    95.101.149.35 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-35.deploy.static.akamaitechnologies.com
a.teads.tv
9    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
95    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
17    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
980f32f49bbaa4001f882563a2c53b4b.safeframe.googlesyndication.com
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
4    204.237.133.116 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
hbopenbid.pubmatic.com
23    185.89.211.116 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
2    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
60    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
4    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
12    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    52.222.214.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-57.fra56.r.cloudfront.net
outbid.firstimpression.io
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
32    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
19    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
7    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
26    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-vid-events.taboola.com
am-match.taboola.com
sync.taboola.com
1    18.195.23.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-23-231.eu-central-1.compute.amazonaws.com
ressaymonstives.com
14    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
56    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
72    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
pixelgroup-d.openx.net
8    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
1    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    81.17.55.109 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync.smartadserver.com
4    35.156.144.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-144-107.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    3.121.79.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-79-42.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    35.214.162.244 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 244.162.214.35.bc.googleusercontent.com
csync.loopme.me
12    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
5    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2a02:fa8:8806:21::1720 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
5    2a05:d018:d29:3602:15eb:19d4:d59:9b24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    213.155.156.167 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
6    54.170.10.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-10-64.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
6    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    138.201.84.252 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.252.84.201.138.clients.your-server.de
hal9000.redintelligence.net
4    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    2600:9000:223f:de00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
4    138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de
hal90004.redintelligence.net
4    159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de
hal900017.redintelligence.net
3    85.114.159.118 (Mossingen, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    63.251.14.3 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: 3.14.251.63.unassigned.ord.singlehop.net
ap.lijit.com
3    2600:9000:211e:3800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
3    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
tags.bluekai.com
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    54.83.105.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-105-107.compute-1.amazonaws.com
i.liadm.com
2    13.32.27.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-113.fra56.r.cloudfront.net
live.rezync.com
1    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    63.35.103.141 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-103-141.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
22    2600:1f13:800:7780:d0e3:4e6d:63ee:b33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
1    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
www.ad-server.eu
1    2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)
ad-server.eu
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    52.214.242.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-242-163.eu-west-1.compute.amazonaws.com
match.360yield.com
1    2a02:2638:3::6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ssp-sync.criteo.com
2    3.120.242.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-242-65.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
1    184.86.251.85 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-85.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    52.58.207.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-207-165.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    142.250.184.194 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
175 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
980f32f49bbaa4001f882563a2c53b4b.safeframe.googlesyndication.com
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
ade.googlesyndication.com
964 KB
123 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214
ad.doubleclick.net — Cisco Umbrella Rank: 173
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 443
1 MB
83 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1126
trc.taboola.com — Cisco Umbrella Rank: 680
vidstat.taboola.com — Cisco Umbrella Rank: 3058
am-trc-events.taboola.com — Cisco Umbrella Rank: 15139
images.taboola.com — Cisco Umbrella Rank: 1964
imprammp.taboola.com — Cisco Umbrella Rank: 14739
am-vid-events.taboola.com — Cisco Umbrella Rank: 13899
am-match.taboola.com — Cisco Umbrella Rank: 15405
sync.taboola.com — Cisco Umbrella Rank: 1031
pips.taboola.com — Cisco Umbrella Rank: 1752
cds.taboola.com — Cisco Umbrella Rank: 2153
1 MB
79 zahav.ru
www.zahav.ru — Cisco Umbrella Rank: 511930
doska.zahav.ru — Cisco Umbrella Rank: 431459
date.zahav.ru — Cisco Umbrella Rank: 605882
1 MB
58 criteo.net
static.criteo.net — Cisco Umbrella Rank: 728
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9717
csm.eu.criteo.net — Cisco Umbrella Rank: 9249
424 KB
56 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 344
1 MB
37 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1153
static.adsafeprotected.com — Cisco Umbrella Rank: 720
dt.adsafeprotected.com — Cisco Umbrella Rank: 658
308 KB
25 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 570
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513
r.casalemedia.com — Cisco Umbrella Rank: 1837
18 KB
25 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 563
pixel.rubiconproject.com — Cisco Umbrella Rank: 409
eus.rubiconproject.com — Cisco Umbrella Rank: 662
token.rubiconproject.com — Cisco Umbrella Rank: 504
46 KB
24 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 478
bidder.criteo.com — Cisco Umbrella Rank: 895
ads.eu.criteo.com — Cisco Umbrella Rank: 9209
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10275
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15658
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15502
dis.criteo.com — Cisco Umbrella Rank: 648
mug.criteo.com — Cisco Umbrella Rank: 2541
ssp-sync.criteo.com — Cisco Umbrella Rank: 1344
184 KB
23 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 261
secure.adnxs.com — Cisco Umbrella Rank: 542
17 KB
23 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 31165
cdn.firstimpression.io — Cisco Umbrella Rank: 29900
outbid.firstimpression.io — Cisco Umbrella Rank: 46402
755 KB
16 google.com
www.google.com — Cisco Umbrella Rank: 2
3 KB
13 openx.net
rtb.openx.net — Cisco Umbrella Rank: 912
us-u.openx.net — Cisco Umbrella Rank: 547
pixelgroup-d.openx.net — Cisco Umbrella Rank: 112800
2 KB
12 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 223
706 KB
10 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41903
hal90004.redintelligence.net — Cisco Umbrella Rank: 273642
hal900017.redintelligence.net — Cisco Umbrella Rank: 348900
21 KB
10 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4057
ssc-cms.33across.com — Cisco Umbrella Rank: 1180
2 KB
10 freecurrencyrates.com
freecurrencyrates.com — Cisco Umbrella Rank: 302050
151 KB
9 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
sync.teads.tv — Cisco Umbrella Rank: 1584
2 KB
9 yandex.ru
bs.yandex.ru — Cisco Umbrella Rank: 13295
2 KB
9 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2991
prebid.smilewanted.com Failed
static.smilewanted.com — Cisco Umbrella Rank: 10113
18 KB
9 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
178 KB
8 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 588
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581
image6.pubmatic.com — Cisco Umbrella Rank: 967
66 KB
8 wcdn.co.il
images.wcdn.co.il — Cisco Umbrella Rank: 99528
96 KB
6 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 363
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
3 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 913
1 KB
6 pogoda.co.il
pogoda.co.il — Cisco Umbrella Rank: 583693
8 KB
5 turn.com
ad.turn.com — Cisco Umbrella Rank: 1024
r.turn.com — Cisco Umbrella Rank: 4738
2 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 643
cm.adform.net — Cisco Umbrella Rank: 1279
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 379
104 KB
4 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 51750
3 KB
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 985
s.tribalfusion.com — Cisco Umbrella Rank: 2451
2 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
593 B
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 649
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 387
2 KB
4 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 966
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1343
1 KB
4 appspot.com
hb-dot-valuad.appspot.com — Cisco Umbrella Rank: 74994
122 B
3 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 734
2 KB
3 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 893
715 B
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 754
1 KB
3 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617
2 KB
3 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5121
917 B
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1165
1 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 847
2 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 434
1 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1696
mp.4dex.io — Cisco Umbrella Rank: 2423
26 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
region1.google-analytics.com — Cisco Umbrella Rank: 2250
21 KB
3 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 63837
c.idealmedia.io — Cisco Umbrella Rank: 56240
100 KB
3 detaly.co.il
detaly.co.il — Cisco Umbrella Rank: 339432
102 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1738
mab.chartbeat.com — Cisco Umbrella Rank: 2811
25 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1204
1 KB
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1822
1 KB
2 ad-server.eu
www.ad-server.eu — Cisco Umbrella Rank: 279528
ad-server.eu — Cisco Umbrella Rank: 131281
54 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 521
1 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 2003
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 617
1 KB
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 328
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 753
cdn.indexww.com — Cisco Umbrella Rank: 1795
2 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1069
2 KB
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 951
89 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 952
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 782
836 B
2 gstatic.com
fonts.gstatic.com
49 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1374
104 B
2 dotomi.com
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3968
dclk-match.dotomi.com — Cisco Umbrella Rank: 3431
318 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
11 KB
2 cloudfront.net
d2xerlamkztbb1.cloudfront.net
d221oziut8gs4d.cloudfront.net
2 KB
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1445
401 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 250
5 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 621
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 620
616 B
1 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2517
199 B
1 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3356
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1011
383 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 445
98 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1000
1 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 50844
607 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2268
173 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 929
463 B
1 ressaymonstives.com
ressaymonstives.com — Cisco Umbrella Rank: 146141
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
2 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 2049
46 KB
1 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7541
175 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6147
408 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 2100
1 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 5842
175 B
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 35193
2 KB
1 valuad.cloud
cdn.valuad.cloud — Cisco Umbrella Rank: 111730
275 KB
1 bbci.co.uk
ichef.bbci.co.uk — Cisco Umbrella Rank: 8393
18 KB
1 9tv.co.il
www.9tv.co.il — Cisco Umbrella Rank: 412796
87 KB
1 mignews.com
mignews.com — Cisco Umbrella Rank: 400693
87 KB
1 newsru.co.il
images.newsru.co.il — Cisco Umbrella Rank: 510577
125 KB
0 richaudience.com Failed
sync.richaudience.com Failed
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
901 95
Domain Requested by
95 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.zahav.ru
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
72 cm.g.doubleclick.net 23 redirects googleads.g.doubleclick.net
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
60 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
www.zahav.ru
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
56 s0.2mdn.net www.zahav.ru
s0.2mdn.net
40 images.taboola.com
32 static.criteo.net ads.eu.criteo.com
cdn.valuad.cloud
static.criteo.net
cdnjs.cloudflare.com
32 doska.zahav.ru www.zahav.ru
doska.zahav.ru
31 www.zahav.ru www.zahav.ru
23 securepubads.g.doubleclick.net www.zahav.ru
securepubads.g.doubleclick.net
ecdn.firstimpression.io
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
22 dt.adsafeprotected.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
22 am-trc-events.taboola.com cdn.taboola.com
20 ib.adnxs.com 12 redirects ecdn.firstimpression.io
googleads.g.doubleclick.net
19 imageproxy.eu.criteo.net ads.eu.criteo.com
17 dsum-sec.casalemedia.com 8 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
16 www.google.com 1 redirects www.zahav.ru
tpc.googlesyndication.com
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
16 date.zahav.ru www.zahav.ru
date.zahav.ru
14 googleads.g.doubleclick.net 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
pagead2.googlesyndication.com
www.zahav.ru
13 fastlane.rubiconproject.com cdn.valuad.cloud
ecdn.firstimpression.io
12 googleads4.g.doubleclick.net www.zahav.ru
12 www.googletagservices.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
10 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com securepubads.g.doubleclick.net
10 ecdn.firstimpression.io www.zahav.ru
ecdn.firstimpression.io
10 freecurrencyrates.com www.zahav.ru
10 cdn.taboola.com www.zahav.ru
cdn.taboola.com
9 static.adsafeprotected.com fw.adsafeprotected.com
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
9 ssc.33across.com cdn.valuad.cloud
9 bs.yandex.ru cdn.valuad.cloud
9 cdn.firstimpression.io ecdn.firstimpression.io
9 www.googletagmanager.com www.zahav.ru
www.googletagmanager.com
8 sync.teads.tv 1 redirects googleads.g.doubleclick.net
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
8 images.wcdn.co.il www.zahav.ru
7 csm.eu.criteo.net ads.eu.criteo.com
7 csync.smilewanted.com cdn.valuad.cloud
csync.smilewanted.com
6 eus.rubiconproject.com cdn.valuad.cloud
eus.rubiconproject.com
imprammp.taboola.com
am-match.taboola.com
6 fw.adsafeprotected.com 3 redirects www.zahav.ru
6 us-u.openx.net googleads.g.doubleclick.net
6 rtb.openx.net cdn.valuad.cloud
ecdn.firstimpression.io
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
6 onetag-sys.com 2 redirects cdn.valuad.cloud
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
csync.smilewanted.com
6 pogoda.co.il www.zahav.ru
5 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 gum.criteo.com 1 redirects cdn.taboola.com
cdn.valuad.cloud
static.criteo.net
4 pv.medialead.de 2 redirects hal90004.redintelligence.net
hal900017.redintelligence.net
4 dis.criteo.com 4 redirects
4 hal900017.redintelligence.net 1 redirects 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
hal900017.redintelligence.net
4 hal90004.redintelligence.net 1 redirects 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
hal90004.redintelligence.net
4 match.adsrvr.org imprammp.taboola.com
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
am-match.taboola.com
ssum-sec.casalemedia.com
4 sync.1rx.io 4 redirects
4 x.bidswitch.net 2 redirects 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
csync.smilewanted.com
4 c1.adform.net 4 redirects
4 cat.nl3.eu.criteo.com ads.eu.criteo.com
4 outbid.firstimpression.io ecdn.firstimpression.io
4 ads.eu.criteo.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
4 hbopenbid.pubmatic.com ecdn.firstimpression.io
4 htlb.casalemedia.com cdn.valuad.cloud
ecdn.firstimpression.io
4 hb-dot-valuad.appspot.com cdn.valuad.cloud
3 ade.googlesyndication.com
3 token.rubiconproject.com eus.rubiconproject.com
3 tags.bluekai.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
www.zahav.ru
3 a.tribalfusion.com 1 redirects 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
3 s.ad.smaato.net 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
3 ap.lijit.com 2 redirects csync.smilewanted.com
3 image6.pubmatic.com 3 redirects
3 dsp.adfarm1.adition.com 3 redirects
3 pixel.rubiconproject.com 3 redirects
3 d5p.de17a.com 3 redirects
3 ad.turn.com 3 redirects
3 csync.loopme.me 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 secure.adnxs.com 3 redirects
3 eb2.3lift.com 3 redirects
3 rtb.fr3.eu.criteo.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
3 trc.taboola.com cdn.taboola.com
3 detaly.co.il www.zahav.ru
2 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 rtb.mfadsrvr.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 pixel.tapad.com 2 redirects
2 live.rezync.com 2 redirects
2 i.liadm.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 sync.taboola.com imprammp.taboola.com
am-match.taboola.com
2 hal9000.redintelligence.net 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
2 sync.targeting.unrulymedia.com 2 redirects
2 r.turn.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 ssbsync.smartadserver.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
2 um.simpli.fi 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 i.clean.gg cadmus.script.ac
2 static.smilewanted.com csync.smilewanted.com
2 targeting.unrulymedia.com ecdn.firstimpression.io
2 script.4dex.io cdn.valuad.cloud
script.4dex.io
2 cdn.jsdelivr.net ecdn.firstimpression.io
cdn.valuad.cloud
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ping.chartbeat.net www.zahav.ru
2 jsc.idealmedia.io www.zahav.ru
jsc.idealmedia.io
2 static.chartbeat.com www.zahav.ru
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 match.sharethrough.com csync.smilewanted.com
1 ads.stickyadstv.com 1 redirects
1 ssp-sync.criteo.com 1 redirects
1 match.360yield.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
1 cm.adform.net 1 redirects
1 us.ck-ie.com csync.smilewanted.com
1 ad-server.eu hal900017.redintelligence.net
1 www.ad-server.eu hal90004.redintelligence.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 r.casalemedia.com ssum-sec.casalemedia.com
1 sync.crwdcntrl.net 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 p.rfihub.com 1 redirects
1 mug.criteo.com
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
1 rtb.nl3.eu.criteo.com
1 am-match.taboola.com vidstat.taboola.com
1 am-vid-events.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 pixelgroup-d.openx.net cdn.valuad.cloud
1 ssc-cms.33across.com cdn.valuad.cloud
1 js-sec.indexww.com cdn.valuad.cloud
1 dclk-match.dotomi.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
1 tr.blismedia.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
1 cms.quantserve.com 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
1 ups.analytics.yahoo.com googleads.g.doubleclick.net
1 ressaymonstives.com
1 vidstat.taboola.com cdn.taboola.com
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 980f32f49bbaa4001f882563a2c53b4b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cadmus.script.ac script.4dex.io
1 mp.4dex.io cdn.valuad.cloud
1 prebid-eu.creativecdn.com cdn.valuad.cloud
1 a.teads.tv cdn.valuad.cloud
1 bidder.criteo.com cdn.valuad.cloud
1 web.hb.ad.cpe.dotomi.com cdn.valuad.cloud
1 ads.pubmatic.com cdn.valuad.cloud
1 c.idealmedia.io www.zahav.ru
1 www.google.de www.zahav.ru
1 stats.g.doubleclick.net www.google-analytics.com
1 d221oziut8gs4d.cloudfront.net d2xerlamkztbb1.cloudfront.net
1 region1.google-analytics.com www.googletagmanager.com
1 widgets.outbrain.com www.zahav.ru
1 ad.doubleclick.net www.zahav.ru
1 pro.ip-api.com www.zahav.ru
1 d2xerlamkztbb1.cloudfront.net www.zahav.ru
1 ecdn.analysis.fi www.zahav.ru
1 mab.chartbeat.com static.chartbeat.com
1 cdn.valuad.cloud www.zahav.ru
1 ichef.bbci.co.uk www.zahav.ru
1 www.9tv.co.il www.zahav.ru
1 mignews.com www.zahav.ru
1 images.newsru.co.il www.zahav.ru
0 sync.richaudience.com Failed csync.smilewanted.com
0 cm-supply-web.gammaplatform.com Failed ssum-sec.casalemedia.com
0 sync.search.spotxchange.com Failed googleads.g.doubleclick.net
0 prebid.smilewanted.com Failed cdn.valuad.cloud
901 163
Subject Issuer Validity Valid
*.zahav.ru
R3		 2023-09-11 -
2023-12-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-13 -
2024-02-13		 a year crt.sh
9tv.co.il
E1		 2023-08-28 -
2023-11-26		 3 months crt.sh
www.bbc.co.uk
GlobalSign RSA OV SSL CA 2018		 2022-10-17 -
2023-11-18		 a year crt.sh
pogoda.co.il
GTS CA 1P5		 2023-09-07 -
2023-12-06		 3 months crt.sh
valuad.cloud
E1		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
doska.zahav.ru
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
date.zahav.ru
R3		 2023-09-07 -
2023-12-06		 3 months crt.sh
www.freecurrencyrates.com
R3		 2023-09-09 -
2023-12-08		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.appspot.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-10-04 -
2024-10-31		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
images.wcdn.co.il
R3		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-09-24 -
2024-03-24		 6 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
teads.tv
R3		 2023-10-09 -
2024-01-07		 3 months crt.sh
ssc.33across.com
GTS CA 1D4		 2023-08-30 -
2023-11-28		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
cadmus.script.ac
E1		 2023-09-02 -
2023-12-01		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-09-17 -
2023-12-16		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-09 -
2024-01-01		 3 months crt.sh
ressaymonstives.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-07 -
2023-12-30		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
pv.medialead.de
R3		 2023-10-12 -
2024-01-10		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh

This page contains 102 frames:

Primary Page: https://www.zahav.ru/
Frame ID: 8DFED22DA3A031C7397FB1C5AC1C8C17
Requests: 235 HTTP requests in this frame

Frame: https://www.zahav.ru/currency
Frame ID: F1687F70C2DBB292D39BF9FA407EAF54
Requests: 12 HTTP requests in this frame

Frame: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Frame ID: 43B54DBC98EF313EDEFDFBCD9027ED5F
Requests: 15 HTTP requests in this frame

Frame: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Frame ID: 0563294B89D50CF6568D1F3763741786
Requests: 17 HTTP requests in this frame

Frame: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Frame ID: E4C21AE5F1285000F12F2DFF7C3C0CC1
Requests: 8 HTTP requests in this frame

Frame: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Frame ID: 1BE41CB5F7816037B9786A09F4787213
Requests: 8 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 9D29A90EE597D5E7631B427676A4A5BF
Requests: 13 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 49FF6092CD8D694CC68678A8250D9081
Requests: 16 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: 790FFF42EA4287E571C09A34061A4D52
Requests: 16 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF557902E55012E0E18911700879C78E
Requests: 1 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42B4486EEAD1CD13A1F63FD2D2BC4184
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5190BC50F72C6FCE50BB1C5593BF94A4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A5B3FDB2754D10B424825148230A106
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Frame ID: 4AA90CBC3457A42A226301AB10229960
Requests: 18 HTTP requests in this frame

Frame: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 1DC0695684FCD61CEF87A8DAEA216964
Requests: 1 HTTP requests in this frame

Frame: https://980f32f49bbaa4001f882563a2c53b4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 048FDDC54A80853B13AE0FC9E5554F87
Requests: 1 HTTP requests in this frame

Frame: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: AD0D03CB4BD53E515CF754938A42C98E
Requests: 1 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DBF681D8555963D1DCE3FFA0FF473C6D
Requests: 15 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1A78CBC80C453703C0C410D7763F41DE
Requests: 32 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DCB2BA4554342FEB6C08EA6E7B170A1F
Requests: 32 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1149DA8881A1ECBE3FD68E4C00874072
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs
Frame ID: 8C234606381A9C62253D3F02A9E07FBF
Requests: 16 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 647C1185C0944D46A5C2B61FF1805BCA
Requests: 30 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3DA128FEF1C6559709FF39F919309C00
Requests: 17 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FF4D2CB8E1C3B9A01838A55BF85FA94F
Requests: 13 HTTP requests in this frame

Frame: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2ED20EECF95552546BD145EE9B4C0C21
Requests: 16 HTTP requests in this frame

Frame: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: CEA377D6091E603072889963BE8D1DF8
Requests: 9 HTTP requests in this frame

Frame: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5AB8203B5DA1FDD1DB32EC5B88B481BD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNWzKT0gzLFrvJECQfKS5q6LxXkhN-FIOGUVvtFcK5Z8FX6Db_omkCDq0gXNfU6Jc-Rgv-7Vf4h4h9uh_Qo-eyis5xA0zjPTkNGIafXFnJE0bly8Lnz7i6iLzZ5uPbgBctjMhgZF5HroYIgY_-Bj7ueeWbX7xld5ukXsvOcjc7Nvc6zol20
Frame ID: 5D24A363A00C89AE436DFD571D2FC69C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74C8E3760220DA9FEF4874D79B32A3CF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNXlwHjZYTWn43oMdvILtZpfOA5kZ5mXtD-rIdnmc84tHGAsKFe-fLLDY4b3T2BXg0Kn2T2eQze7GjP1vCv6W1PaexRmvUQPPBjicHUfB2RK9vuROIQx7Ohg-qjYwDBtykDIkrS8k-SPy5HpRxUwMTENpFUgMYXlFs2FC5cvWqJDZUAkXLo
Frame ID: 810F25A90B0B8C9CE532C83AB722AC45
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWGd78736nPVtvetVCbjW58w2_ceLjACiYctZcfGSsGPE9oFOiOZmbndpdM_0KiQwdmb4pbyeLVmzI1JBl1uUr_1tTCwyNJ0z3wOfYoaqzUpymP0xV_9apKcf9wp0NUYtBPxZyaEGPZPh6K0C9zzs-51dKMpGy2II7OVGXxzEGiWeifDrE
Frame ID: FC72C7620438EBBAA5954BC1B0199DFF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjTuKTlATAB&v=APEucNVskw9XiiR4ItGpVKaeUZhLEcsJBesirTJtnHb_6cBv4y0IeiS4qJXh1zYlo5Ur1s1JVqzeQQTwWtu_0HAE-tGjt6b5MYMDG1DsHviyjugVCpWebQbudy5bf-lJwTKJ_-VOUdBFA33QgNLuUmEtPBAK_Y-X_3dCy1BlfFrVBdj5ImX4eoM
Frame ID: E0E4B6FA9165DA33F222A973B334E0BB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4877C5AE2748B54D521ABF54798CFDEF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXDDN-tQUixL5EaC9MG7KoYuZOjEnjxXkV3Z7hgOfI9GzHnKaktfJ7rZD0b4u4FDX9dfmzilSVHMVG2AxCGeOtqlkMw2yxtNOuoZjuHPDRuIXHOsPmtS3BLdX8j5V-Ee9FFjAEURBc4C8tTM4qib6KGlEY8AauKV6ruAZrVfgGk192lXpQ
Frame ID: 706DC18C6C486329B261502C922A33A6
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNUTMd8DPOrXe2kx6t3E2uxbz6gvnPv9LwftxHfYLEKwjowY42AEW4l2om-6v79bf6eKk6L7SAz0QV_vqlpwQahxrCehaL8-Rk24NgRAmxmRIlZ2KGep5CYmYNQXZPNP9SsBH34vmSjd_V_dsuqaVY14AKVoXHsw9c9fdQUQIjbV0OCuDfE
Frame ID: 257F8A89C0FFCD4FF017CAEAA8ADFD9D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNVhMOCYe6ImbRIP_vQtYunRQdnzGtOLqI92qmEAAFOgCDy80L9FOfm3eXdVO49uACuoC1EzA95GL0e4KirPV7EWcTCg36bN1e4AEoBMt0B55dr0cWpaYhBkPN4_qqKo89BceZhAHX5A6rPLwQ1EiUPGOtc1PzSIqGAp-oWgFTuP_LOhhL0
Frame ID: 9F149EB0157985BBCFCEAA224D672B10
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 38A5F8A156315238765A1148F62D9CBA
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNXC226dtO2DU8G18-Ab6QI5xi0nuUE0BODfh_-XS0YPZaINyzJSCTYTleEyPUG5Cbpaudy6r3asldsNTb0BbZE5uZAkjeeASZOc5qn4hciViBd60FnIb1CAJEVOw37Bek-9URX9wpgyQz-vRE9a1xaVa8aCyKIdxClyL7bDYNvxDb5ddN4
Frame ID: FCC183901C9ECBE187618D80F961664E
Requests: 4 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Frame ID: 991AD4A5C6456727BDF07C24F8BA4219
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Frame ID: 54AD80AC9EAC61145471BD8D5114B9A9
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C3D16F86A9EACEB8D860EB58CCDAD8E8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CD4191B7B76B246F66F5EF697EBB97C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
Frame ID: AB572BBF48103C95BB1561178A9D405F
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Frame ID: 6FC02314DC6BF6598A0F503A6705EB24
Requests: 11 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/static/js/fiamp.js
Frame ID: C7D2B9FE7397B10040BD6C176423EA4C
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Frame ID: B84E989CB73E894E4456366E3317BEB6
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF497AF3B087D391C7B493D91814F9EA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28A6FD4643BEF245F2FDD0A9CA46BBBC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 325E76EA6B1B511F6AA3B28C0DD95023
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AA88B22393463D5CB67DCAD679D377B1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 568E87DFF120113C22C8B8F60C31E621
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 28A5914DA1ED547C9743C6E7FA989D37
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 6C8B54844DE428B24AD5132633DEC893
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7B8588E00141D226290112502978025A
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atxXvOBJyr7ikVrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 41BD71DCF3EEFA4D062C3F27C5F72E98
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1698238569291
Frame ID: B1ED2E9002CC0375DBF64B1EC65AB474
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 0C89CD5F9BD754C5923807E01BCE98F9
Requests: 3 HTTP requests in this frame

Frame: https://pixelgroup-d.openx.net/w/1.0/pd
Frame ID: A03D48F7E2B980858CAE2A3ADD9ECD4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9FBD4E26150096D1D711EE0A687B07CA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D3AF27B91C942BF5B88A9C7D6828D5FA
Requests: 9 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&cmcv=&pix=undefined&cb=1698238572979&uv=3351&tms=1698238572979&abt=aatest_vB!adxsub-out_vA!adxsub-out_vB!mprdct01val_vB!tbt_all_video!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=3a25842c-3673-4248-ba31-ae81f1769fff&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2F0C70231614555477A1649437E0976B
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.zahav.ru
Frame ID: E172139E3141BBC2824ACBE5D4EBCC52
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 66E3DBD5934ACA2ACBE050FE54E487CC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: DEE8C0F04529F31FB24E327A5CBAF8D7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BEAAA0ECBF7AA820F70B9128882A9B9F
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 82EC9FC5A4AD02D7CA9E28A0A166950B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: F73E3557A1B76D0DDC31C9CF2CE09A02
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Frame ID: F682F13EEF39D687C3BAFC254746E701
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3DD2AA5FDBAD7A47BAA5AAD8AB4A676F
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: EE21211CA39A7121D423BB696565AF67
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 750583174FDC845A2CE6CCD16CF6E09D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Frame ID: 06838944A0C18CA17464EDCFAA4D5A0F
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 46A42FF63904186ECC19C8FC5D3AFF94
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
Frame ID: AB121D0D7C2FF5F74AB38CF4972D8C09
Requests: 8 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: FE54A938B9E20D0272C3D9D89F679F5E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: AF35BA3B1B5A9E3FE83126AE030B52F3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F41513D5D7C7C0FD785379424609E980
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150edeb7d68276c11dd?subid=53791500078843104445308012488004&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 9E3E6C3AE8453CECEEA5CC81999E24A0
Requests: 1 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=53791500078843104445308012488004&a=409532f9
Frame ID: D527E344A1D30F4F0C0DF67A6E57CD21
Requests: 4 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/89f7480c0afa0150151f163b0ba936a5?subid=31984700078412504445308012488017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 8015EACC1C97FBAF86979BEFA041AF88
Requests: 1 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=31984700078412504445308012488017&a=e3b1351e
Frame ID: ED4F1C0F5941333D33121416C5B556CC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4D7E7CE55C40BC301113E8B0CDA5CAA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D522BF7A3B307414E44F5A35E7D90F74
Requests: 9 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 88DCECC914DFFC07801F90BE00E78362
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 19E38BF8575E9FB981E62F61630D0125
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Frame ID: E14847986F4649694B9A41DAD8FD4A77
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 039A1246B4E5E8D57E83606D36D828B0
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
Frame ID: 20FF1212B96C48C4F05C68FC936019DA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003
Frame ID: 2933F2CC4D3534E326C491192E073D33
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/179aae56-a184-522a-98be-4df2fd875d9d
Frame ID: 8E5B4D25BF327F6CFEFC35E6EAA061A3
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: FB34CDCD52AA5173CF0EF3C473E089D2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/7769368039249428401
Frame ID: 23FDF682148FDD7E297D173ECCA03FDF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Frame ID: 67333936F12DF3A1467421D0B838D651
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a8704b10-757f-4611-8899-2094467f3bc8&ssp=criteo
Frame ID: 9EC786DE36EB0672E26F14E17DEC1C48
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/90fc61ffe7d996e53021b9582855508a?gdpr_consent=&gdpr=0
Frame ID: 880FD81E8799511044547CFA380BE33A
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 3C400A3E18F17B9D54E19C122AB0ABD2
Requests: 1 HTTP requests in this frame

Frame: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 37A0CB56E2AEB38B9B2CEC0A9068CF01
Requests: 1 HTTP requests in this frame

Frame: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 9F04B758166BD2FF66F44BA5284430AD
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Frame ID: 4EF7A4CC09333612A0FCF2A89DFB7D57
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F51A511714E438E1A0E5CF1EAB3FD325
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC9BECAD40A1ACEA639E8194B4E13F2B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

zahav.ru - все об Израиле на русском языке

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

901
Requests

89 %
HTTPS

39 %
IPv6

95
Domains

163
Subdomains

113
IPs

14
Countries

10192 kB
Transfer

24797 kB
Size

85
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 424
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 425
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 426
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Request Chain 427
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Request Chain 428
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 429
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Request Chain 431
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 433
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 434
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Request Chain 435
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Request Chain 436
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 437
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Request Chain 438
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Request Chain 439
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Request Chain 448
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
Request Chain 452
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
Request Chain 458
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPtQfD-7GTYPPnD2IuOCqM&google_cver=1
Request Chain 495
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 520
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_cver=1&google_push=AXcoOmTNtRD80cv7oYoRZ2Xi0cSfRpMJM3cmcbrVENPTo0P6he9RQT5AbHUD-7PxVcPRHIRWTwpiiWPmM80JX53b1UByWgQd_Ac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_push=AXcoOmTNtRD80cv7oYoRZ2Xi0cSfRpMJM3cmcbrVENPTo0P6he9RQT5AbHUD-7PxVcPRHIRWTwpiiWPmM80JX53b1UByWgQd_Ac
Request Chain 521
  • https://um.simpli.fi/gp_match?google_gid=CAESEFL4zcU3ZjMTlx5y5_EEnno&google_cver=1&google_push=AXcoOmRggk00Aa23Av1n-W8do1IdMRdMyeKwky0mqUHTwkcl0D0s9sWLIyTYj3EGK-vvAudRPqFBMzCnl6zHJtrc9oqxCwpL3a8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmRggk00Aa23Av1n-W8do1IdMRdMyeKwky0mqUHTwkcl0D0s9sWLIyTYj3EGK-vvAudRPqFBMzCnl6zHJtrc9oqxCwpL3a8
Request Chain 522
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsrr4kYNLNhlhJcAG82Blc&google_cver=1&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGwWd4GtVaROnEZ5QQv8TK6Yxw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEsrr4kYNLNhlhJcAG82Blc&google_cver=1&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGwWd4GtVaROnEZ5QQv8TK6Yxw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGwWd4GtVaROnEZ5QQv8TK6Yxw
Request Chain 523
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGNgEqrkB64bbf9_bzxSyF8&google_cver=1&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn2cmnmxrwayVwiAkDQZQpfDGuz3UYuK2SS5hYPebavQk HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn2cmnmxrwayVwiAkDQZQpfDGuz3UYuK2SS5hYPebavQk&google_gid=CAESEGNgEqrkB64bbf9_bzxSyF8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn2cmnmxrwayVwiAkDQZQpfDGuz3UYuK2SS5hYPebavQk
Request Chain 525
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQZr2vrbwSKfwFxDJpAT7wTo_IOF9m9bHgHJs0OwypnmJSItw5cw9yHA6S4PB48WrGzTScBnonFJ52VxhRYknG2JsOkKznj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQZr2vrbwSKfwFxDJpAT7wTo_IOF9m9bHgHJs0OwypnmJSItw5cw9yHA6S4PB48WrGzTScBnonFJ52VxhRYknG2JsOkKznj
Request Chain 531
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&google_cver=1&google_push=AXcoOmTtwUdVSdeHhXVdP2Y-4iLS0eo-o7aBB92j_MZJpDGwEgCe-G6De4v6eEuBYX-_kI2Zkg0Dhk2WQAcAakhAGOOD6kIFS1w HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&google_cver=1&google_push=AXcoOmTtwUdVSdeHhXVdP2Y-4iLS0eo-o7aBB92j_MZJpDGwEgCe-G6De4v6eEuBYX-_kI2Zkg0Dhk2WQAcAakhAGOOD6kIFS1w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lIZ3Y4RUYxUVZEcUk1&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&google_cver=1&google_push=AXcoOmTtwUdVSdeHhXVdP2Y-4iLS0eo-o7aBB92j_MZJpDGwEgCe-G6De4v6eEuBYX-_kI2Zkg0Dhk2WQAcAakhAGOOD6kIFS1w
Request Chain 532
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEG5m-v53akF8UeYjXdOcvAY&google_cver=1&google_push=AXcoOmTW-5Yak14dnOUsMidMX-eVVam_jGcyi7Ip8xt0vX0l830Am-twIGK8wNeJXva6sv8LFolL7P102s4b5xpf5XZO8bjwY9Xd HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEG5m-v53akF8UeYjXdOcvAY&google_cver=1&google_push=AXcoOmTW-5Yak14dnOUsMidMX-eVVam_jGcyi7Ip8xt0vX0l830Am-twIGK8wNeJXva6sv8LFolL7P102s4b5xpf5XZO8bjwY9Xd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=eX8eibJzTzyCMnJCapjDg2U5EGw
Request Chain 535
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEEHkjGJhGgz67JGTInmisQ&google_cver=1&google_push=AXcoOmTPy3dko4sOIOAp0eEOj0uw2rcflJFhY42n4XB65pn49Cwyd6QCzgAfeeXp1xXgAATcx1la6HNOAVjkBEvPSW84W-y7amkW9Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTPy3dko4sOIOAp0eEOj0uw2rcflJFhY42n4XB65pn49Cwyd6QCzgAfeeXp1xXgAATcx1la6HNOAVjkBEvPSW84W-y7amkW9Q HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 536
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&google_cver=1&google_push=AXcoOmTTLRQ-Pw8DrU5MPuRKsy5nkULGg_MpYkSS9EKFr_IqCGz9I3ehLj3BZoxGDXXNblDU2h8x_J3aPfdF6vm8T5icQJ58fWl3ew HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTTLRQ-Pw8DrU5MPuRKsy5nkULGg_MpYkSS9EKFr_IqCGz9I3ehLj3BZoxGDXXNblDU2h8x_J3aPfdF6vm8T5icQJ58fWl3ew&gdpr=${GDPR}
Request Chain 547
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1&google_push=AXcoOmSXKfJnffLxSdcvgLjexsyQlfpyjfYRDTApC7QfZmc_Ul9U34epIjawdkf_8aYAQYx3uxNAjVP8M34umlIYg6AOLba37cuL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE0ODc3MjQ5MDQzNzE1NzE2Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
Request Chain 549
  • https://um.simpli.fi/gp_match?google_gid=CAESEFL4zcU3ZjMTlx5y5_EEnno&google_cver=1&google_push=AXcoOmSyCbWanUrSA15vE5QxwbUiiKisf54gSOEX0q_bouL3k6jJMAMs0KQnxzBFqnJROYj8hu2SadTiF5j0fX6kscW8XOB-8qnT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmSyCbWanUrSA15vE5QxwbUiiKisf54gSOEX0q_bouL3k6jJMAMs0KQnxzBFqnJROYj8hu2SadTiF5j0fX6kscW8XOB-8qnT
Request Chain 550
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFKn_GBgr6uDXcq_afg1ZXg&google_cver=1&google_push=AXcoOmQdOVJKhaUk8KVYEFS6j4x8qkdbuXPA8S5X-w-BO_uIFPnUSpzXTso1AOBjGnZppwyqjuUOs1hHg1TtpcyUsx7vbH11-QR4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdOVJKhaUk8KVYEFS6j4x8qkdbuXPA8S5X-w-BO_uIFPnUSpzXTso1AOBjGnZppwyqjuUOs1hHg1TtpcyUsx7vbH11-QR4&google_hm=eS1QZm8zRXdCRTJwR1hsWVZ2YmNZY2xpZDJTZ19BSzIzS35B
Request Chain 551
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJyHdcH4kz8sZ7E8lg58WIA&google_cver=1&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH9joX5CS HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJyHdcH4kz8sZ7E8lg58WIA&google_cver=1&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH9joX5CS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH9joX5CS
Request Chain 552
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL18Cl463jKpGtRzVqXw0-A&google_cver=1&google_push=AXcoOmS7fTTdczjRKpEfx1scD6H_IJD71Sji_2rGkAWMfOkAEEiWnULii5yChUtqWvQpSnhChA4_x_LsiUkqe5GdOGqK0Pg5Ra0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmS7fTTdczjRKpEfx1scD6H_IJD71Sji_2rGkAWMfOkAEEiWnULii5yChUtqWvQpSnhChA4_x_LsiUkqe5GdOGqK0Pg5Ra0
Request Chain 553
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEmA7exxl5zovB9nj6a6Lqg&google_cver=1&google_push=AXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1698238572132 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE%26google_hm%3DA31t7CBrZ00DoofpuxMSmo8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE&google_hm=A31t7CBrZ00DoofpuxMSmo8
Request Chain 630
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
Request Chain 644
  • https://hal90004.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzAJOaRA5Zcb4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QR7ik3rwNya1ZmRGOBuoqJEaIhpF_apvHqTJ-SLJ8s_zx4DdrZ8sg0W9UMv5nbhvMJ0xhKkXceIsW3NqeccInWOGPIXNV06wh1INGWoUNeNPQ3SoGZlx6RNDTTY6s-WLcRZbw8XtwK1eB5RCky3vv1UwHc_8Rur9EqLXqf2LlwDH8NgcTCh4ySyi8iT4tyTzMg4hXHMTD9fPJdRYOjQwYMRcOBM1LOGr7odELI0kvj6AQtxewaOUpHn2Zlh-subOWsvr60dbtrB7yNr6z-BpC-TrXmL27_N4P6Q73laiVNrs3WNVG9XR3_0M9_DN6Z4g5mfIelf8Uo0Zcx6gaem7fMrpS0SwSF6reRExViFAeyMPr7Bhk_vAwBIKowATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhtqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_3V09Reeh7yHZy-ILHlCIh_b6yCtg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DscKryPkgQvl1U4WmIT0ZMW6PMAhnu_i9ffhXoYgiZfTGw0M6be0o1QIHyV0ZcBk9FQaIF35BrXqWiMbI7w46SAj9qtnDKWBGRoKWR1h07lL7mZLYlOO5_MUT8S4j-pvEFAYEJdxx4PdWQjD1ZXPi_5wnhEzrtW-Q3J1oozusU5mYGLZw%26cry%3D1%26dbm_d%3DAKAmf-Axvb5MFrtjofK0AKqY9Umh5-OTDJaZTjX5iFaNngvpOuC5QQwLFbIwkZVJCsZ-QHMyxWIANIngDJOPkxBW7ReprpfGejAg0ai7CLB6ZnnHTt4EOTYjO3tSgiVk3V-B1oGxwn-8Dgn2oAJxGMZap3BGn-9dlOGwoffbAYFS4N74X8J_nPHehFr6K-IzhNTviF1knLfcWwI2tPvMudLatrjI6f-5rg4cK5fvZEU4AMFETQB04POGhltbK-tsUDOw3yTa-oqyRyFUmizpF0uFlRHw6w0v8rljy0v2TIBdGlGcQ1FwgjJ56ZbM-WGAW8e9sLgiB4M71mzupCih5EPYvTuzevIZmiRj6YEDqUqOfH0YAlV2r5HsXm2VNPINBDqusoKYDGLSpcK9jWUTXVTILJ5wXPSAuon_o58FVE2DZPvvjhlPvE2ttybBt1yQ52OiKxGbz3ReqImTS3otPTPZlrQ85yBz_Pv5odL45PYItjek9dzjU_GrYy_t8PSln9nCZHmWzqfe8UeGHukgN3deyVlKo7LIV4HTYc27_Ud_fcVFefifaps%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=6501861472279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90004.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzAJOaRA5Zcb4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QR7ik3rwNya1ZmRGOBuoqJEaIhpF_apvHqTJ-SLJ8s_zx4DdrZ8sg0W9UMv5nbhvMJ0xhKkXceIsW3NqeccInWOGPIXNV06wh1INGWoUNeNPQ3SoGZlx6RNDTTY6s-WLcRZbw8XtwK1eB5RCky3vv1UwHc_8Rur9EqLXqf2LlwDH8NgcTCh4ySyi8iT4tyTzMg4hXHMTD9fPJdRYOjQwYMRcOBM1LOGr7odELI0kvj6AQtxewaOUpHn2Zlh-subOWsvr60dbtrB7yNr6z-BpC-TrXmL27_N4P6Q73laiVNrs3WNVG9XR3_0M9_DN6Z4g5mfIelf8Uo0Zcx6gaem7fMrpS0SwSF6reRExViFAeyMPr7Bhk_vAwBIKowATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhtqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_3V09Reeh7yHZy-ILHlCIh_b6yCtg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DscKryPkgQvl1U4WmIT0ZMW6PMAhnu_i9ffhXoYgiZfTGw0M6be0o1QIHyV0ZcBk9FQaIF35BrXqWiMbI7w46SAj9qtnDKWBGRoKWR1h07lL7mZLYlOO5_MUT8S4j-pvEFAYEJdxx4PdWQjD1ZXPi_5wnhEzrtW-Q3J1oozusU5mYGLZw%26cry%3D1%26dbm_d%3DAKAmf-Axvb5MFrtjofK0AKqY9Umh5-OTDJaZTjX5iFaNngvpOuC5QQwLFbIwkZVJCsZ-QHMyxWIANIngDJOPkxBW7ReprpfGejAg0ai7CLB6ZnnHTt4EOTYjO3tSgiVk3V-B1oGxwn-8Dgn2oAJxGMZap3BGn-9dlOGwoffbAYFS4N74X8J_nPHehFr6K-IzhNTviF1knLfcWwI2tPvMudLatrjI6f-5rg4cK5fvZEU4AMFETQB04POGhltbK-tsUDOw3yTa-oqyRyFUmizpF0uFlRHw6w0v8rljy0v2TIBdGlGcQ1FwgjJ56ZbM-WGAW8e9sLgiB4M71mzupCih5EPYvTuzevIZmiRj6YEDqUqOfH0YAlV2r5HsXm2VNPINBDqusoKYDGLSpcK9jWUTXVTILJ5wXPSAuon_o58FVE2DZPvvjhlPvE2ttybBt1yQ52OiKxGbz3ReqImTS3otPTPZlrQ85yBz_Pv5odL45PYItjek9dzjU_GrYy_t8PSln9nCZHmWzqfe8UeGHukgN3deyVlKo7LIV4HTYc27_Ud_fcVFefifaps%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=6501861472279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 645
  • https://hal900017.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEDhpaRA5ZcT4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QhBiwx8TIIU6vS8kxJhgQNhCcvHVbuUUcKP1WGA4rE0fhpRkOxuupC2Qb9NlohpPCAh8ASZj6VIsAcTEjwD7bTb7Pzr1PEGNu-e8cBONpQny5Nho1ScUjn32Po7srgUb_8WzPIWaWh_679-yUI-aJE_gpfjeVOAwCDeKsqwlYxdstYST1PNMXZs82AG2cOlD5ps3-2TXSuq5eb4WSnkEHn4UNJvs6HOBeUNQRZzM4MLkdi8Xs4NVRUuVWDZ1qoKj5WpqVQ0JrG0xJJgWaRPMLSfFl3dUFbKqDGN19eoy9upsu62XOVZadY5TunO0LMhCJH9aQhfBly93StZJCtp3MagG8X_u7HHfANVv19UN5Q2JX5nJwpm182avdwATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhNqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_15q0MLR5sk_VzPyRdmX2kzfhqaLw%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-CtyDAzFdmUh0FQqKJ4w1xVBvgAEXEzN6BfUKQ4vnV5LkztjSlJVTDaoqy7dov-mrQ1WLOSbidU8lW4-P4qqn0J8ZNZ7Cbini5tlnSWhsyRndvJmy8wKbD8kyqEH8Jl0nFjmVv8Z_EAinlqQX8LDOof-obByuyrw9JXyXdOavYmxrvNjE8%26cry%3D1%26dbm_d%3DAKAmf-A7QE_zO6t6FGLrhJO4xbq8R9VcoZ4nwHarsP__l7WRZeUH2UHtpIigFObUKzGJ0srTJtXAXCD93lAO-wKAaEn6ToaP2Dgr1f0XYX8MNdWCIJB8cosXIAmhfyI_hJfvi2TQQ7DlTmes9sEVbUY_zMQ665h8O5Igtr3blvn8xwmgmmtCRA9sjSK3351nGvyvnnNDMVhF-qBskXTwDcJdiUFotlnvbXzlRB4NWz3NKb17flSzORyOAM3FsjxYFmYyOG6dcpOkIoddUh33X7RMLLXvBtetk3hgHsPgr1DlbsD5JovFY4Rj4Prp6oqjFs8MpeQgUSp17GGOxUKTBItzThrjPlYwGTLFzTn4wQY7JiyOyxT8ZLlboOmO6oByhQgX0BF6qDz4Z9qD6_JCpgDibJUKFcTQTkqSh0Pqb-xggLNX5M32JwW3E4rAoaSD1K32S1PxEGqnHJJOxSx5LRxGH7G1DJVa2VRHGUrAyOGJ-upvWkWq6MczK96L6uprwc4882jD2M_5YjomXwt0TeIIMajNngUNUdSHFXq4F8851-8uxiORrIA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=2187212550797&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900017.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEDhpaRA5ZcT4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QhBiwx8TIIU6vS8kxJhgQNhCcvHVbuUUcKP1WGA4rE0fhpRkOxuupC2Qb9NlohpPCAh8ASZj6VIsAcTEjwD7bTb7Pzr1PEGNu-e8cBONpQny5Nho1ScUjn32Po7srgUb_8WzPIWaWh_679-yUI-aJE_gpfjeVOAwCDeKsqwlYxdstYST1PNMXZs82AG2cOlD5ps3-2TXSuq5eb4WSnkEHn4UNJvs6HOBeUNQRZzM4MLkdi8Xs4NVRUuVWDZ1qoKj5WpqVQ0JrG0xJJgWaRPMLSfFl3dUFbKqDGN19eoy9upsu62XOVZadY5TunO0LMhCJH9aQhfBly93StZJCtp3MagG8X_u7HHfANVv19UN5Q2JX5nJwpm182avdwATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhNqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_15q0MLR5sk_VzPyRdmX2kzfhqaLw%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-CtyDAzFdmUh0FQqKJ4w1xVBvgAEXEzN6BfUKQ4vnV5LkztjSlJVTDaoqy7dov-mrQ1WLOSbidU8lW4-P4qqn0J8ZNZ7Cbini5tlnSWhsyRndvJmy8wKbD8kyqEH8Jl0nFjmVv8Z_EAinlqQX8LDOof-obByuyrw9JXyXdOavYmxrvNjE8%26cry%3D1%26dbm_d%3DAKAmf-A7QE_zO6t6FGLrhJO4xbq8R9VcoZ4nwHarsP__l7WRZeUH2UHtpIigFObUKzGJ0srTJtXAXCD93lAO-wKAaEn6ToaP2Dgr1f0XYX8MNdWCIJB8cosXIAmhfyI_hJfvi2TQQ7DlTmes9sEVbUY_zMQ665h8O5Igtr3blvn8xwmgmmtCRA9sjSK3351nGvyvnnNDMVhF-qBskXTwDcJdiUFotlnvbXzlRB4NWz3NKb17flSzORyOAM3FsjxYFmYyOG6dcpOkIoddUh33X7RMLLXvBtetk3hgHsPgr1DlbsD5JovFY4Rj4Prp6oqjFs8MpeQgUSp17GGOxUKTBItzThrjPlYwGTLFzTn4wQY7JiyOyxT8ZLlboOmO6oByhQgX0BF6qDz4Z9qD6_JCpgDibJUKFcTQTkqSh0Pqb-xggLNX5M32JwW3E4rAoaSD1K32S1PxEGqnHJJOxSx5LRxGH7G1DJVa2VRHGUrAyOGJ-upvWkWq6MczK96L6uprwc4882jD2M_5YjomXwt0TeIIMajNngUNUdSHFXq4F8851-8uxiORrIA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=2187212550797&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 650
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP9EFri1pFYbLZnB4DVwKCQ&google_cver=1&google_push=AXcoOmS5ZhzVaqZRuuo8jH5UFEkfDgC83kup5TAlQQl-mBGfJ6H2Bkm_C3JdA4jbLRMeirGzPKc9C8zbqLDGzU0uVwEPoe15x4qKlg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5ZhzVaqZRuuo8jH5UFEkfDgC83kup5TAlQQl-mBGfJ6H2Bkm_C3JdA4jbLRMeirGzPKc9C8zbqLDGzU0uVwEPoe15x4qKlg
Request Chain 651
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTz-cggIiKls4GWX_lsAgHIfbyWbuNVSdn9mJJqRtyMB1oJ55T2iKyappa4-cCvkOGrr6QV8yvckpAPcjLJjHV3fanlePl7Kg&google_gid=CAESEMrAIDf_wnUM8CIx53Org38&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmTz-cggIiKls4GWX_lsAgHIfbyWbuNVSdn9mJJqRtyMB1oJ55T2iKyappa4-cCvkOGrr6QV8yvckpAPcjLJjHV3fanlePl7Kg
Request Chain 652
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF5pb-Jwe6zhXHcc0hyDpy4&google_cver=1&google_push=AXcoOmQIswlUAJq5WqJ6cXtf2tOIYm1UtDXMn0pinF7LQ4SGvD4YTaF3UuriH5zfUouDT4ji1D2xqxu5pbvr9OLIjjdPZ2AQS1x7WA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF5pb-Jwe6zhXHcc0hyDpy4&google_cver=1&google_push=AXcoOmQIswlUAJq5WqJ6cXtf2tOIYm1UtDXMn0pinF7LQ4SGvD4YTaF3UuriH5zfUouDT4ji1D2xqxu5pbvr9OLIjjdPZ2AQS1x7WA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIswlUAJq5WqJ6cXtf2tOIYm1UtDXMn0pinF7LQ4SGvD4YTaF3UuriH5zfUouDT4ji1D2xqxu5pbvr9OLIjjdPZ2AQS1x7WA
Request Chain 653
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENFGDGMtRqSRVES5a-jKjcQ&google_cver=1&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9QKrBoioMS2GcA HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENFGDGMtRqSRVES5a-jKjcQ&google_cver=1&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9QKrBoioMS2GcA&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9QKrBoioMS2GcA&google_hm=Hi4oKGZHKkXUqJYJQ7u4hVs0
Request Chain 654
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmTRfr2lgDUMLWQWPX1gBfuE6WK4c22FsbYi0w7OZLnpVexdGkenE_PCzcIXE25dubZRHgY0x8eBp2QKU6iV4ogf1B5nh6Iyj_M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmTRfr2lgDUMLWQWPX1gBfuE6WK4c22FsbYi0w7OZLnpVexdGkenE_PCzcIXE25dubZRHgY0x8eBp2QKU6iV4ogf1B5nh6Iyj_M
Request Chain 655
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&google_cver=1&google_push=AXcoOmT_n9y2Xr-1XHvF_6ouOSck90XCtYmFxAcSNKbCg91t2hGEXxdWJbBQesRrvSb1td4Gxc2As1K3VrzUHVKT0ysonNiR_EV8HdY HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT_n9y2Xr-1XHvF_6ouOSck90XCtYmFxAcSNKbCg91t2hGEXxdWJbBQesRrvSb1td4Gxc2As1K3VrzUHVKT0ysonNiR_EV8HdY&gdpr=${GDPR}
Request Chain 659
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
Request Chain 669
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1&google_push=AXcoOmSPegvWS9nUErqV7SVfGE04xQLeTYUYmb0U6zsgTdVEALRk4YuM6tMYuIfMfgF3qKkJWAsgcw007BRg5xcOksClBFxzyzBvLg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE0ODc3MjQ5MDQzNzE1NzE2Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
Request Chain 670
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP9EFri1pFYbLZnB4DVwKCQ&google_cver=1&google_push=AXcoOmSK1VuSnKQVwz5WXQpALynCensMI-sWor_mT6CrsLI25Y5_HPCJFMOphkkc8cSZWr85ajYdO1Y6h3xU97GdYXBZHFK_yzjs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmSK1VuSnKQVwz5WXQpALynCensMI-sWor_mT6CrsLI25Y5_HPCJFMOphkkc8cSZWr85ajYdO1Y6h3xU97GdYXBZHFK_yzjs
Request Chain 671
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS-NEfs-mpMCKwzhlWZPlkh_gQWEFT9UXZgt39FvyTfc7tlEHlGaIsodpjvDWqQ2F5iScGwOXMnkXZUsUy7Uarm_rNC0_IBSw&google_gid=CAESEMrAIDf_wnUM8CIx53Org38&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmS-NEfs-mpMCKwzhlWZPlkh_gQWEFT9UXZgt39FvyTfc7tlEHlGaIsodpjvDWqQ2F5iScGwOXMnkXZUsUy7Uarm_rNC0_IBSw
Request Chain 672
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsrr4kYNLNhlhJcAG82Blc&google_cver=1&google_push=AXcoOmR-TQ3YPkmP-0aM2ES1HeunD24hImlfHidJKEg-y1RUfqxCd8cc-f3U218YHnPUszg7NNvfP-hSQ-clCIbxbgEPV2Cc09L5aA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmR-TQ3YPkmP-0aM2ES1HeunD24hImlfHidJKEg-y1RUfqxCd8cc-f3U218YHnPUszg7NNvfP-hSQ-clCIbxbgEPV2Cc09L5aA
Request Chain 674
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGNgEqrkB64bbf9_bzxSyF8&google_cver=1&google_push=AXcoOmQ-BU30jfMzBLnP2HvatYjq8SdiQgDMLB6kAAHr5fJzRWkCOSBihltv-zD8PPdj8RqsOWCtTN6Vz0k-923rqKXWPhnECbuatQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmQ-BU30jfMzBLnP2HvatYjq8SdiQgDMLB6kAAHr5fJzRWkCOSBihltv-zD8PPdj8RqsOWCtTN6Vz0k-923rqKXWPhnECbuatQ
Request Chain 675
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&google_cver=1&google_push=AXcoOmTG6skmJ94ifZbbI1nLKjElU4yB-oylJpD24F-vQzgzS-vp6GxIrhv5Z5nIK6_gyFqAr8CYx8Ic7Fuj2ZIFBPMmA9ZluTJ1XJ8 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTG6skmJ94ifZbbI1nLKjElU4yB-oylJpD24F-vQzgzS-vp6GxIrhv5Z5nIK6_gyFqAr8CYx8Ic7Fuj2ZIFBPMmA9ZluTJ1XJ8&gdpr=${GDPR}
Request Chain 678
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 679
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_cver=1&google_push=AXcoOmSTnPx0-QTeQseQTWb2QZt5ShuNYiL9EBCY20xlJw_f1LAFTaiDZ7b8GNw9GsVssNN4-M1yZb0aDN3flyTvljL0zpqmgq8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRrUWJBQWFacnpEbWdBTg==&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_cver=1&google_push=AXcoOmSTnPx0-QTeQseQTWb2QZt5ShuNYiL9EBCY20xlJw_f1LAFTaiDZ7b8GNw9GsVssNN4-M1yZb0aDN3flyTvljL0zpqmgq8
Request Chain 680
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDmlKdnskZcRuG8ov6GH8dg&google_cver=1&google_push=AXcoOmTrp4VNKUKVKje6-syQ2oD7cA4HmCpMGAyvehviT8S75S7KZmEYu6J6y69-0mwZb47x-4phPzeDekl31yA3S8sPtnJlTvfj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTrp4VNKUKVKje6-syQ2oD7cA4HmCpMGAyvehviT8S75S7KZmEYu6J6y69-0mwZb47x-4phPzeDekl31yA3S8sPtnJlTvfj&google_hm=tWjz78hlTBC0agvHwOJaOoQ
Request Chain 681
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRSv3ybgDDrx_T2jGo2GNlLHFMSlkNebfZoLSgD1XcOtgx06Ocb1nz7oy7ebGlFRjWh7dH6E4nv2Y3_vD1wEAnZWtv3_Ubh&google_gid=CAESEMrAIDf_wnUM8CIx53Org38&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmRSv3ybgDDrx_T2jGo2GNlLHFMSlkNebfZoLSgD1XcOtgx06Ocb1nz7oy7ebGlFRjWh7dH6E4nv2Y3_vD1wEAnZWtv3_Ubh
Request Chain 683
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEF5pb-Jwe6zhXHcc0hyDpy4&google_cver=1&google_push=AXcoOmRXdyRyRZ5pgdzsHJiK-eX5H01T0fSch58_SkfFaMFyjfPlA4TLFb4DCTpmPdOXy5h6FTcxH6-NpgWO467Yc9inQSHy2Jb_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRXdyRyRZ5pgdzsHJiK-eX5H01T0fSch58_SkfFaMFyjfPlA4TLFb4DCTpmPdOXy5h6FTcxH6-NpgWO467Yc9inQSHy2Jb_
Request Chain 684
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL18Cl463jKpGtRzVqXw0-A&google_cver=1&google_push=AXcoOmQC7GY89fm7Xj1kk0cCiLOGoRvzrF2ySeU4TLfQjTgCcSYTb0HTTLhQ0LNN9VVVczpBJhPSBckblqnH9FMfUZ0m_nY9ShcI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmQC7GY89fm7Xj1kk0cCiLOGoRvzrF2ySeU4TLfQjTgCcSYTb0HTTLhQ0LNN9VVVczpBJhPSBckblqnH9FMfUZ0m_nY9ShcI
Request Chain 686
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zahav.ru&sn=ChromeSyncframe&so=0&topUrl=www.zahav.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=6CDnm3xRR0thMzBpelVHUW8vTERZeWtnY1hEUU0va1Zhc1JyRVdmSXMxdkd5SVVXMGlLYmFPa3Z3QzZ3aXhudjAya3oycW1pS0UvWWVvVHhlUUxpd1p4bCtWUG1DQVI1MHZjVFZVSmxYbjAzWHZ1K0xWQXJZVWJDYTNTRlRsVEJ3ZS9YeUs3ZzNnVW1zek44NEhnRVdZZE1qOWlhZ2d6T09xandFZDQ5dzlqb1NMWUVxaVpJbFhJMno0cE41K0tEZlFDOHBJRktQZFFrd1M5aTI4TmxQZEdTbUEwdDVRVW1ZUmtZVk1SMllCM2pUNWNKQ2Vieml0dmpWcXRwT3p0aG8zVWQvOG5GTjhIY1NXREpsT3hPUk90QzE1QT09fA&cppv=2
Request Chain 706
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 707
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_cver=1
Request Chain 708
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTkQa80EssFQrPU7UfAdtQAA%263169&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTkQa80EssFQrPU7UfAdtQAA%263169&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=31ddcaba4ec84fe19e37e714fe2eca0a HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=31ddcaba-4ec8-4fe1-9e37-e714fe2eca0a HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%3A1698238574.348331&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%253A1698238574.348331%26_%3D1698238574.350248&cb=1698238574.3502808 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730486269835&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%253A1698238574.348331%26_%3D1698238574.350248 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%3A1698238574.348331&_=1698238574.350248
Request Chain 709
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&gdpr=0&gdpr_consent=
Request Chain 710
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7769368039249428401&expiration=1699448173
Request Chain 730
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2uK16C2JJ19d7CHaxxeX0&adsafe_url=https%3A%2F%2Fwww.zahav.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:7868040e-d754-930b-7304-6ac9459118ca,c:s40CPP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-zmvpt,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:590,mot:0,app:0,maw:0,fm:tTHBZ7i+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:710,oid:e00ccca5-7335-11ee-8ed7-02416dceae6b,v:19.8.457,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Request Chain 732
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jAxTAS5okosqaL2ylWyoB2&adsafe_url=https%3A%2F%2Fwww.zahav.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5cee9c66-dbc3-3802-a970-c2ef60fc148d,c:s40CR9,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-ltkrw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:727,mot:0,app:0,maw:0,fm:tTHBZ7U+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h*.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:753,oid:e017c94d-7335-11ee-ae7a-462720a6b714,v:19.8.457,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Request Chain 751
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hfnX9HmPmCvl-EumyLTFUU&adsafe_url=https%3A%2F%2Fwww.zahav.ru&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.zahav.ru%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:89b766fc-beeb-a1d5-f9ea-63463853be0d,c:s40CUs,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c476d5db8-fddrx,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:979,mot:0,app:0,maw:0,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1009,oid:dffe25ec-7335-11ee-8d30-66cade7268ee,v:19.8.457,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Request Chain 776
  • https://pv.medialead.de/trck/eview/89f7480c0afa0150edeb7d68276c11dd?subid=53791500078843104445308012488004&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://www.ad-server.eu/wm/pb/fyrst/Fyrst_ad2_320x50.jpg
Request Chain 777
  • https://pv.medialead.de/trck/eview/89f7480c0afa0150151f163b0ba936a5?subid=31984700078412504445308012488017&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://ad-server.eu/wm/pb/fyrst/fyrst_Festgeld/FYRST-Festgeld-Schwein-statisch-320x50.jpg
Request Chain 800
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7657994497 HTTP 302
  • https://sync.1rx.io/usersync/turn/9148772490437157163?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003
Request Chain 801
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=1411800119198525653 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/179aae56-a184-522a-98be-4df2fd875d9d
Request Chain 803
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7769368039249428401
Request Chain 806
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJyHdcH4kz8sZ7E8lg58WIA&google_cver=1&google_push=AXcoOmR2RvOYLW0Wre__m728LLa9jZkZ18Bx5k7U5GM1BjU5MqOVbrFIRbgM0W1bkyfG6k3CpmsHq_sResF-P9QBraJ-gA-mvSVp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2RvOYLW0Wre__m728LLa9jZkZ18Bx5k7U5GM1BjU5MqOVbrFIRbgM0W1bkyfG6k3CpmsHq_sResF-P9QBraJ-gA-mvSVp
Request Chain 807
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL18Cl463jKpGtRzVqXw0-A&google_cver=1&google_push=AXcoOmTIBEPzxb5l9YheHmjm08OhU4a5pnLvyNlOHxFPCujY-iVML-lATMp9esIBE_cfIJ_hKrJomwtFsXHaYZ2ikPVbFSVzDUAR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmTIBEPzxb5l9YheHmjm08OhU4a5pnLvyNlOHxFPCujY-iVML-lATMp9esIBE_cfIJ_hKrJomwtFsXHaYZ2ikPVbFSVzDUAR
Request Chain 808
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_cver=1&google_push=AXcoOmRU-bu6rej2FCcYQYwGTQYP6vjdJYZHWpQNSTZCHM2an8cmzNamDTC8uHXVrKP6qgIK5iAbUqNr_STK11cKGvZnV2l20KNk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_hm=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&google_nid=index&google_push=AXcoOmRU-bu6rej2FCcYQYwGTQYP6vjdJYZHWpQNSTZCHM2an8cmzNamDTC8uHXVrKP6qgIK5iAbUqNr_STK11cKGvZnV2l20KNk
Request Chain 811
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQa1n_yOxRMjHmydZk6skUWzLQ10Sfk3neXM98xWVaGyqwuWlObH55gynf4fkNR6ONsXEMUmKpZKe9BscMcZpRb1QUNxP4xEw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQa1n_yOxRMjHmydZk6skUWzLQ10Sfk3neXM98xWVaGyqwuWlObH55gynf4fkNR6ONsXEMUmKpZKe9BscMcZpRb1QUNxP4xEw
Request Chain 814
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP9EFri1pFYbLZnB4DVwKCQ&google_cver=1&google_push=AXcoOmS5-BXseo59HA2HQtMcxFmlgOzBuO7ecJ0jZGdMh0cdXaCJk3pxWsEuFt43eWKZvn6_alBmbrBxoOY5Z4lkt3ADETv_OuU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5-BXseo59HA2HQtMcxFmlgOzBuO7ecJ0jZGdMh0cdXaCJk3pxWsEuFt43eWKZvn6_alBmbrBxoOY5Z4lkt3ADETv_OuU
Request Chain 815
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFKn_GBgr6uDXcq_afg1ZXg&google_cver=1&google_push=AXcoOmTitqQVbs2GGZzr3gSRASDJQgnjG58sPS37mp5aykGaFUr8D30b-vj301sx-khwx8yPP8bG6pWdK7IeGV4YW_5SOmRbnXw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTitqQVbs2GGZzr3gSRASDJQgnjG58sPS37mp5aykGaFUr8D30b-vj301sx-khwx8yPP8bG6pWdK7IeGV4YW_5SOmRbnXw&google_hm=eS1QZm8zRXdCRTJwR1hsWVZ2YmNZY2xpZDJTZ19BSzIzS35B
Request Chain 816
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQgSvkpqhOjeoGru6gxF5OCdMqg5yMcw72GPLyHFeSlzKs4nKJVVSxwIPTvOEcGBMRuAfMwUyxKy9ePVZO5bxFsu7GMGmE&google_gid=CAESEMrAIDf_wnUM8CIx53Org38&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmQgSvkpqhOjeoGru6gxF5OCdMqg5yMcw72GPLyHFeSlzKs4nKJVVSxwIPTvOEcGBMRuAfMwUyxKy9ePVZO5bxFsu7GMGmE
Request Chain 818
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEEHkjGJhGgz67JGTInmisQ&google_cver=1&google_push=AXcoOmQDUj8x_Aed4U69yG_1Jgx_qRCT9eUnsvbp10uJ-Sn-vPqoO4TFzRVrkj3oFLzhHzKfhOxgAqYGbZ0Ytx2ZOGT19UewT2I HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDUj8x_Aed4U69yG_1Jgx_qRCT9eUnsvbp10uJ-Sn-vPqoO4TFzRVrkj3oFLzhHzKfhOxgAqYGbZ0Ytx2ZOGT19UewT2I
Request Chain 819
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKtYgB3DWy_2Slvtc-l0gyg&google_cver=1&google_push=AXcoOmSNOpIAESbwRCOULXYUt2pCeRISakPqpxmPvz5lc6r4tfKhNaRB1htgpjzvWq8bF3s5giuDCWx8mOgfEzpaeToIZlT7bNis HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSNOpIAESbwRCOULXYUt2pCeRISakPqpxmPvz5lc6r4tfKhNaRB1htgpjzvWq8bF3s5giuDCWx8mOgfEzpaeToIZlT7bNis HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 821
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230 HTTP 302
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=PqhfVV96NW11SlJZN2VsRUV6OXduT3N4bFgyOGtUQ1M5ZTVkQTZSVWM2ZzlBRGJibkN3akNiTm5ndk0xdm1Sa0hHbHRCREFxbTMwR0VDeWdsciUyQmdic2JpaFk5c0tRT3N4SEtMYnNKaHp0RlJvbU9aOXlkWldxRkhlajFSRkx0bFQwOEg5N2FBRkhTUnNhVVo5c1FxdGw2Q1RrNHRkUmJPZTVZZUtpMnVMbCUyRjRqU1hYYWJmNGF1a3dJY1clMkZKVCUyRnFBT0cycQ&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-X-q5DLXO_fWKNTRQIXggfu-Wu2RGz3ZLBXDMfw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=PqhfVV96NW11SlJZN2VsRUV6OXduT3N4bFgyOGtUQ1M5ZTVkQTZSVWM2ZzlBRGJibkN3akNiTm5ndk0xdm1Sa0hHbHRCREFxbTMwR0VDeWdsciUyQmdic2JpaFk5c0tRT3N4SEtMYnNKaHp0RlJvbU9aOXlkWldxRkhlajFSRkx0bFQwOEg5N2FBRkhTUnNhVVo5c1FxdGw2Q1RrNHRkUmJPZTVZZUtpMnVMbCUyRjRqU1hYYWJmNGF1a3dJY1clMkZKVCUyRnFBT0cycQ&gdpr=&gdpr_consent=&us_privacy=&cr_user_id=k-X-q5DLXO_fWKNTRQIXggfu-Wu2RGz3ZLBXDMfw HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=fd67c680-d21f-4726-b4e1-4508eb25e16b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=fd67c680-d21f-4726-b4e1-4508eb25e16b&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a8704b10-757f-4611-8899-2094467f3bc8&ssp=criteo
Request Chain 822
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/90fc61ffe7d996e53021b9582855508a?gdpr_consent=&gdpr=0

901 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.zahav.ru/ 		254 KB
112 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3b94c8117bda64123d3f422ac67c2999873ffb17e6819e47209e419bdea9d331

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5
cache-control
public, max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 Oct 2023 12:56:01 GMT
etag
W/"3f682-Nt1lxQikBaq7MRbzp+i/NouL/Jg"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
x-amz-cf-id
eaPc4A5zuQetLKbaB_iy6fSfZWZvie7_Io6iHZxA-aoPR-6HntviUA==
x-amz-cf-pop
FRA60-P6
x-cache
Hit from cloudfront
x-cached
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6de358422af840eb38540a661f530b7c321e6b3dcd1f3de4d3f080ce8483fa38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29120
x-xss-protection
0
server
cafe
etag
237 / 19655 / 31079109 / config-hash: 8671707731930110642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:06 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:56:36 GMT
content-encoding
gzip
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
71970
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
lKCnft7aJmzFQowC4QYk2r3sasoLCCU3cKuk5P2OWCA3U8QJlL9DMQ==
expires
Wed, 25 Oct 2023 16:56:36 GMT
facebook.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		266 B
638 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/facebook.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
146a64826cd7fdd7a02546901a50c199c7cd8bf2c3a87be4a051a269ab43da69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:18:56 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 04 Oct 2023 12:46:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
1773430
etag
W/"10a-18afaba1e5a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
266
x-cached
MISS
x-amz-cf-id
EihoU0p-X5mfPHef2fIEImEaiYigid6DtqZqiSq61FzCptwMOv8Ehw==
facebook.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		276 B
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/facebook.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
8c973fc683837b2b8c9392b6c4115c52f98b8c8c74242b0a2cafa677c60fa1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"114-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
276
x-cached
MISS
x-amz-cf-id
tnLVYJCGlI_hcoayrgj509IJy8Y6EyT3Hmq7rsjTbyck3CWq8z8a_g==
telegram.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		411 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/telegram.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
1d27f89e2708b673850caa81118e9245c6afdd422358378e09ffecce4c26dece

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:48:11 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338875
etag
W/"19b-18b4883c0c7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
411
x-cached
MISS
x-amz-cf-id
6vnAvi3BUxSvGTdGz3FXWQF8yYnHXyHDZC2isQBPgEGs-Atb1B6sNQ==
telegram.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		426 B
798 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/telegram.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a1b95607d3ea9371fb72c392e8ae3d77dd3a4a315cedacd47cbaa0d2b44a53b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"1aa-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
426
x-cached
MISS
x-amz-cf-id
n8teeaqtz8S41ttUZD2FIM6LKZ_PKPtgQfa29ZeOOLecdAAChM0Xmg==
twitter.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		372 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/twitter.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3fd055f9b0f7d6baaec7f56e269c8dcd347f6680bbd4194c57ee590a46fdb95e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 16:09:57 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 26 Sep 2023 09:51:54 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
2493969
etag
W/"174-18ad0e70126"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-cached
MISS
x-amz-cf-id
j0RMBaVL7yj3ZcG37hDp5LpEkUL5-pg4AH07Tu5lX_w4n7knIvFv4g==
twitter.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		387 B
761 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/twitter.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
515fcf87781aef040a6758d637d17d941caf08ea469656259b5fc3745b832d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"183-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
387
x-cached
MISS
x-amz-cf-id
hDoXZ7VjrEBsrBgv-V09fDpWXzEM3Ir_x_xgrggEhv4jgL_hlHjgpw==
vk.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		362 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/vk.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
da4a76da2f7b8699744313947182d57adebfbea051b931c01df1f73e41d5ff33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:48:11 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338875
etag
W/"16a-18b4883c0c7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
362
x-cached
MISS
x-amz-cf-id
SsC8MoVRwgnyRPT3iVFSJ9YQ5OAgE1BWBITX6hJg3fhetOyH_rzRLw==
vk.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		393 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/vk.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
95db6265c2c336d53707a24c7f8ccfcc921965c848f18bfc64988ddf4fdf8b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:59:57 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 04 Oct 2023 12:46:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
1770969
etag
W/"189-18afaba1e5b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
393
x-cached
MISS
x-amz-cf-id
lyeDjFt2Cml2LNDTbi194PwnSTCMdghia6tr4l22LWT1EP8aSm2Ubg==
ok.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		401 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/ok.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
60531e79a8bcd2aea26e031d6c09a2da7ca3c074bea5d4585a5009d52e17f81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:48:11 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338875
etag
W/"191-18b4883c0c7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
401
x-cached
MISS
x-amz-cf-id
gAj3Cp43AsFPbDDcf_08EJFqiPXGdRbVsnHl1nK44V_-Bsz9d8YO8w==
ok.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		416 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/ok.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
624f0494fca1a39f49b63bc119f7f76161c6cb1af4d6f8a34fd8ba627c195868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"1a0-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
416
x-cached
MISS
x-amz-cf-id
JQLJRgnH7ESn8rWLmwmbh-k7NoiQl5zzq-j7mxxGdIOHlsgwKFWP1g==
logo-desktop.png
www.zahav.ru/public/zahav/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/images/logo-desktop.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"1151-18b4883c0c9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
4433
x-cached
MISS
x-amz-cf-id
QqTZ4dL450OHSB6CalOk_GaOyjJIq56inlB45BzjeRDQ_ovwG0YG1Q==
2158494.jpg
images.newsru.co.il/l/215/84/ 		124 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.newsru.co.il/l/215/84/2158494.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aae26c078de650dca80a0ece52b9a4e913c756769291cfdfcffd7b484fed31c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 25 Oct 2023 12:31:03 GMT
server
cloudflare
age
1438
etag
"65390a87-1f057"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vuXlkj1aB91kyivEL5F9D501HY6gHBYWzm%2BSHP4tIcR7yO1HyMvr2R3%2Bri5aJrO7aVfJMIM94J2Onj1BHWZvCJLGWQWofeFGbM5Nqeam1jyLcwwyI5Sdhw7JlLellsc17Jt7tLSRlLFbpVSFSTZb64%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
81ba9e1e8ac265cd-FRA
content-length
127063
China_Navy_Military_AP-Photo-Mark-Schiefelbein.jpg
detaly.co.il/wp-content/uploads/2023/10/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://detaly.co.il/wp-content/uploads/2023/10/China_Navy_Military_AP-Photo-Mark-Schiefelbein.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d15a9f06b04bc011a38af07d49f784b832546963ee6c185c2e9b4ec1a7a20bea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6926
cf-polished
origSize=68690, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
66633
cf-bgj
imgq:100,h2pri
last-modified
Wed, 25 Oct 2023 10:38:11 GMT
server
cloudflare
etag
"6538f013-10c52"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwf%2F81vSpG%2BNGdptVsgYeXmcFktNZqg%2BXcZ%2BR%2B7exRP6ilkSrTh4zvOq91cRJ%2B9q4Mt5k7g01lffO7DZDFbHuHkk7Ev325tRFmapgnp4nNU8kBqyK2Q%2FS6VgD5pBXFK%2FS%2FSWZUV7q1phPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=31536000
accept-ranges
bytes
cf-ray
81ba9e1f1fd99171-FRA
expires
Thu, 24 Oct 2024 11:00:40 GMT
bennet-629503-ohad-tzvigenberg.jpg
detaly.co.il/wp-content/uploads/2023/06/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://detaly.co.il/wp-content/uploads/2023/06/bennet-629503-ohad-tzvigenberg.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
620db770310a1d13b8ae0b45e4fc32f8474df07d84ffe1c28470e0981d5ad6fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
122
cf-polished
origSize=17421, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
16215
cf-bgj
imgq:100,h2pri
last-modified
Mon, 19 Jun 2023 09:43:08 GMT
server
cloudflare
etag
"6490232c-440d"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmHByZaOh6ySBeiG1VFoPWOcHDsEKSqi%2F%2Fh1IvOSu8ntexDRx%2FveUNGgXh5UO16Oe7DQiQIvCEeCoX%2BBZXQgiqBKNQmJ2kZPPdvWUQnuc4bw11SybtkfE6FcE%2BMxifc7Zkvd27E6ORbjhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=31536000
accept-ranges
bytes
cf-ray
81ba9e1f1fdb9171-FRA
expires
Thu, 24 Oct 2024 12:54:04 GMT
e53a90c9d925c517ab69bb6c11428d84.jpg
mignews.com/media/cache/e5/3a/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mignews.com/media/cache/e5/3a/e53a90c9d925c517ab69bb6c11428d84.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:9d28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed1fe335efc5c4d02830390975dcdd195f7eec3621be8936b7e9d1f29794381

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1478
alt-svc
h3=":443"; ma=86400
content-length
88081
last-modified
Wed, 25 Oct 2023 11:52:06 GMT
server
cloudflare
etag
"65390166-15811"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hI%2FQyMVfxE6a4pvh7AUj0O6fuc8UuSi7PZv4caxVmBxuVELqFDaF7TDvcCjpYcSgGecvlLHoTW%2F8vq6TdmSVzYbxIIGNqOydpR8xCiQl4jXlGaISuO7CSp4xZ5IeXFMSrWFjhERxGz2nXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
81ba9e1f1a80bb9b-FRA
expires
Thu, 24 Oct 2024 12:31:28 GMT
img_id=36795.jpg
www.9tv.co.il/download/pictures/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.9tv.co.il/download/pictures/img_id=36795.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:f51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
03d5c66fcb87068d84645f1a5a5f5669dba7a68f4fcc6168c0162ca454e87118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Wed, 18 Oct 2023 18:16:19 GMT
server
cloudflare
age
1435
etag
"a49f1731ef1da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=1800
accept-ranges
bytes
cf-ray
81ba9e1f9cfd695e-FRA
content-length
88576
LogoKorotko.jpg
detaly.co.il/wp-content/uploads/2023/10/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://detaly.co.il/wp-content/uploads/2023/10/LogoKorotko.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:45a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b06fec9f38a9f06f22d70c2a669dd25732f6be0ce7be4101e5cbef94069a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
595337
cf-polished
origSize=21724, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
19681
cf-bgj
imgq:100,h2pri
last-modified
Sun, 08 Oct 2023 14:07:52 GMT
server
cloudflare
etag
"6522b7b8-54dc"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3IV%2F6zMfBRJPB291xTuDaNGDlphEtjG4djp2b13WNRvRYjT00%2FgghzHLxPjNTjFDMYu6FQySdCmjkYQH3M%2Fw4lpeQUgERAz47lVukWmjXKojXOQqV4DnZfce35k0%2B9Qlz4lbw0GAP0cBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
private, max-age=31536000
accept-ranges
bytes
cf-ray
81ba9e1f1fe19171-FRA
expires
Thu, 17 Oct 2024 15:33:49 GMT
04d73260-731a-11ee-b315-7d1db3f558c6.jpg
ichef.bbci.co.uk/news/raw/cpsprodpb/6bf8/live/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ichef.bbci.co.uk/news/raw/cpsprodpb/6bf8/live/04d73260-731a-11ee-b315-7d1db3f558c6.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:288::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16a09d6749e9aa18a8a4a70905253e36b05235378d7a6f1c2e48f5d6ec8fe3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
x-amz-server-side-encryption
AES256
content-length
17806
last-modified
Wed, 25 Oct 2023 10:09:03 GMT
server
AmazonS3
etag
"f1e60354b5fc57d50c7b8ebaddf12cc7"
access-control-max-age
300
access-control-allow-methods
HEAD,GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers
*
expires
Thu, 24 Oct 2024 10:46:02 GMT
zahav.ru.1297439.js
jsc.idealmedia.io/z/a/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/z/a/zahav.ru.1297439.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9272dca4a76f95ff45230dcb6f9f3001286c735a2d2ae3e88cb920d3ebe92f9e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
content-encoding
gzip
x-amz-version-id
UXqj9aZExXh_erxGUnI3qeMe6qPPifri
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
1M6NNRZ6FE3S0G9V
age
6835
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1456
x-amz-id-2
dVhant4BWscv4VQCHFtDhYFj+CfTpQpWRHTlFfQCFgm3da0c+KzOoTY38ZbqEofx6tkI32m+dL0=
last-modified
Sun, 08 Oct 2023 14:14:46 GMT
server
cloudflare
etag
"79b9a15edc0f193053c0256cd967bd7b"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
81ba9e1f2c643632-FRA
expires
Wed, 25 Oct 2023 15:56:06 GMT
d000_70.png
pogoda.co.il/img/pogoda/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/pogoda/d000_70.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
463306
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
2240
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"8c0-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV4cfw7PurVIfqcuB3QXClv83W4U8CtVt7cLmPqkhQr6gzE%2FjsBX0%2BkBOhpQSMHnGKu%2Bw8o0eARi9UVD6Co4tb45Zwkgg5OVgG7R02V95ASyS407z5OsGkQmc%2Bqg8wkSQfvpq5EHWYMCYmM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
81ba9e1f5fc1904f-FRA
expires
Sun, 19 Nov 2023 04:14:20 GMT
N.png
pogoda.co.il/img/ico/ 		494 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/ico/N.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cddd8db63d37296149b01b30ad184911700178f66400f45d2d13ac6bb76f3454

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1500327
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
494
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"1ee-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tH2khJzEvHUx9RSvKMpwZVySrJKeuhRssj00jSZ7e2B%2FUraQxYDO1pBmRH54%2BtDvUQw%2Bl4t4G7ijrnERwKqdX70h9VrCItYhhpS%2BIEtqVPNddYJ%2Fu42Hj4of6g%2BUJjlFcm%2BsHJbDhXXqqDk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
81ba9e1f5fc4904f-FRA
expires
Tue, 07 Nov 2023 04:10:39 GMT
NW.png
pogoda.co.il/img/ico/ 		482 B
818 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/ico/NW.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20cfc6a4b1073b01343e6adfe938d7928e99fa3024ad8ad322babf87fcad877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
778414
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
482
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"1e2-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3RrkRtGxSXFmdAlmhNBtvQJiO9vBoz26NdcnZO0NLbTLNxZFv6Wya8RVQEvewIAQ%2B%2BZQn8ZiSHD4pIbx8eJbqXh7%2FHpOPuqMsT%2F%2BRHUmBtGzAJjXvRHEiBEegZ7JMEHfpi5C0a31jaLjF4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
81ba9e1f5fc5904f-FRA
expires
Wed, 15 Nov 2023 12:42:30 GMT
E.png
pogoda.co.il/img/ico/ 		479 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/ico/E.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3762f84554b341dd11c81e709e6df40bc62736f16e0c8ea4fe3e7e7c5f1bacf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1773078
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
479
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"1df-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzFHYeCr0NnZ94T2PlymnaBKp0Ip2WASMIxzf0pNoaaBMps4zsWpQJfxivmcapc50QAsbt4hH7mSzr12U2JSxsWCCooVgPbZ1eohyrcthUIAlQ24iqXyTR2UnwNREd4tKnto4FhWsH5MI9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
81ba9e1f5fc7904f-FRA
expires
Sat, 04 Nov 2023 00:24:48 GMT
zahavru-prod.js
cdn.valuad.cloud/hb/ 		1008 KB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
9c0f3b2b529b4701c795e6730f7d30e5554a657da839a0160ebe1cefb7c7f016
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
strict-transport-security
max-age=15552000; includeSubDomains; preload
Last-Modified
Wed, 18 Oct 2023 09:08:00 GMT
x-amz-request-id
tx000000000000010df1829-00653909d3-3b78b790-fra1a
etag
"3a08bd205d597ef052220287062d3662"
x-envoy-upstream-healthchecked-cluster
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1698238566.dop216.fr8.t,1698238566.cds231.fr8.shn,1698238566.dop216.fr8.t,1698238566.cds132.fr8.c
Content-Type
application/javascript
x-rgw-object-type
Normal
cache-control
public, max-age=86400
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
281058
gtm.js
www.googletagmanager.com/ 		272 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1f8b6a42e065edab2d0d8295fd863984911f254b7f15e75cf6312e7358a642d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90469
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 Oct 2023 12:56:06 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2127:3600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:22:06 GMT
content-encoding
gzip
via
1.1 77d19519a1c9ed821ab469548b9d17f4.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
PRG50-C1
age
70439
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
OBcLplI7Sj0ze9FnTCFos6DCZLOUw4tI9s5IYA3SKBHaFvYgD1wCKg==
expires
Wed, 25 Oct 2023 17:22:06 GMT
loader.js
cdn.taboola.com/libtrc/wallail-zahavru/ 		527 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/wallail-zahavru/loader.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30f5fd9d5419c00f49f1f279dec7d8e9aa159455ef3243e8d498086c6d9d504a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
UAxhitiJUs02g1iPA.8QjiuvxPp7nME4
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:06 GMT
x-amz-request-id
4SEC8MPNHGJ22MH3
age
11795
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
55321
x-amz-id-2
/COcQaESQGyHQFG+cVbr/GHm3MY9zXq9TOVToohZhaFrdq2JIxyWevMNI5U8HOI11fFyJt1mO+M=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 25 Oct 2023 09:39:26 GMT
server
AmazonS3
x-timer
S1698238566.298366,VS0,VE0
etag
"97b1ae8c531b7a2600ed7e3cb0cdadc5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
2
logo-desktop.png
www.zahav.ru/public/zahav/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/images/logo-desktop.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"1151-18b4883c0c9"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
4433
x-cached
MISS
x-amz-cf-id
eaBObvGnbnZHI_Qkslpxg9XUDXYqdd0Im0G94-JEQoLNZ5IxCBlq1w==
facebook.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		266 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/facebook.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
146a64826cd7fdd7a02546901a50c199c7cd8bf2c3a87be4a051a269ab43da69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:18:56 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 04 Oct 2023 12:46:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
1773430
etag
W/"10a-18afaba1e5a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
266
x-cached
MISS
x-amz-cf-id
GZiX1j9uEFadV0xJRUKlz3flYFS8qTYpKaV0HpOSz8jjP5i_m1Ldbw==
facebook.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		276 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/facebook.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
8c973fc683837b2b8c9392b6c4115c52f98b8c8c74242b0a2cafa677c60fa1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"114-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
276
x-cached
MISS
x-amz-cf-id
c17stnueUbfdp6lxq2lfoXBDLRtflsgyzW5XFkE23-lDB0aiDT6vMg==
telegram.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		411 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/telegram.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
1d27f89e2708b673850caa81118e9245c6afdd422358378e09ffecce4c26dece

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:48:11 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338875
etag
W/"19b-18b4883c0c7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
411
x-cached
MISS
x-amz-cf-id
eHs2ushEhE_TJcEWCkXAsr_B2MB0BidRzhJAmdEGqo77tweVbjFILA==
telegram.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		426 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/telegram.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a1b95607d3ea9371fb72c392e8ae3d77dd3a4a315cedacd47cbaa0d2b44a53b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"1aa-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
426
x-cached
MISS
x-amz-cf-id
LySeQPNF0e46xk8_m5lb4LWvmp4AJ_82il25EEXTokZ3Sy64qLU3ag==
twitter.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		372 B
747 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/twitter.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3fd055f9b0f7d6baaec7f56e269c8dcd347f6680bbd4194c57ee590a46fdb95e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 16:09:57 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 26 Sep 2023 09:51:54 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
2493969
etag
W/"174-18ad0e70126"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-cached
MISS
x-amz-cf-id
3K9YiQIOW_thCaBNDofkHxKIi0SvXBAemNxJIDYzOPhL8YVpwUiODg==
twitter.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		387 B
759 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/twitter.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
515fcf87781aef040a6758d637d17d941caf08ea469656259b5fc3745b832d41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"183-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
387
x-cached
MISS
x-amz-cf-id
UiaMwaA7Ap9Ee0mHOCcdFVG5ZKRxr1euCin_0D-VVAI5zGdC7yEc8w==
vk.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		362 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/vk.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
da4a76da2f7b8699744313947182d57adebfbea051b931c01df1f73e41d5ff33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:48:11 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338875
etag
W/"16a-18b4883c0c7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
362
x-cached
MISS
x-amz-cf-id
KrmDSpy94mVakUxx5oGDcPwWKwEDRu4JANJooTtzCmyrE0fwIcZttQ==
vk.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		393 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/vk.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
95db6265c2c336d53707a24c7f8ccfcc921965c848f18bfc64988ddf4fdf8b75

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 00:59:57 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 04 Oct 2023 12:46:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
1770969
etag
W/"189-18afaba1e5b"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
393
x-cached
MISS
x-amz-cf-id
WEQElFPxGDvQ3QROw9xvdBjnO3rCi4H0LCrxHyEKxvf6VyVvSMgesQ==
ok.png
www.zahav.ru/public/zahav/assets/social/desktop/ 		401 B
774 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/desktop/ok.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
60531e79a8bcd2aea26e031d6c09a2da7ca3c074bea5d4585a5009d52e17f81c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:48:11 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338875
etag
W/"191-18b4883c0c7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
401
x-cached
MISS
x-amz-cf-id
puuX2Jahj9dv3F_mdeqTrgzRRqf5t6TKr_qrxlPyaZasjCcNVQXPDQ==
ok.png
www.zahav.ru/public/zahav/assets/social/mobile/ 		416 B
789 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/assets/social/mobile/ok.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
624f0494fca1a39f49b63bc119f7f76161c6cb1af4d6f8a34fd8ba627c195868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"1a0-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
416
x-cached
MISS
x-amz-cf-id
OzkzRzS8-gQu9Fk660zjsbxpDijnCDHFwwjlwkoa1OJ-T8qcG5PViA==
currency
www.zahav.ru/ Frame F168 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/currency
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a620d0cc0e199b13300d4e785ec1a202189fcca6d647dff49611c5513cf419ad

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
941
cache-control
public, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 25 Oct 2023 12:40:27 GMT
etag
W/"481-zo0sWxMFAagrMqGut94XagQZ/A4"
server
openresty/1.15.8.3
vary
Accept-Encoding
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
x-amz-cf-id
mr3tWD9WnP3SvsPCeRdqw4CkJpeXUWpj76Qb2VA0VcqOnigIS6ue2Q==
x-amz-cf-pop
FRA60-P6
x-cache
Hit from cloudfront
x-cached
MISS
d000_70.png
pogoda.co.il/img/pogoda/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/pogoda/d000_70.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
463306
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
2240
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"8c0-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4BhDq9p2ycZJ9dPvdJ%2B9xYjOwvRqvGJ1a%2BQHQlp6OuKNYCikAGB3hJpXvJKtnzGaq19Q9OTDPxN7x8mIygGUvQWJJpCSomaR6dJnlmUvIUhzGZ%2FUZ%2BOL1E59Rz6BippxZr7DtnsqDXuv5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
81ba9e1f5fc9904f-FRA
expires
Sun, 19 Nov 2023 04:14:20 GMT
bbc_new.jpg
www.zahav.ru/public/zahav/images/ 		454 KB
455 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.zahav.ru/public/zahav/images/bbc_new.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
9fe53095d8381a3ffa7042a8cf71204970cb81a0898c50345f821f5dc289ac3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:45 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"718f1-18b4883c0c8"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
465137
x-cached
MISS
x-amz-cf-id
F8NnxBTwa0a3RYSABBbitm6dBbdkSfl8pAIBR3Sa36h1LzEr8Bu36Q==
/
doska.zahav.ru/informer/ Frame 43B5 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
4b239d71e6d6f79c300c56579da6be60a40e1fc22d3e3ae60dff9d7edace5a00

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2738
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Oct 2023 12:56:06 GMT
Expires
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Wed, 25 Oct 2023 12:53:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Server
openresty/1.19.9.1
Vary
Accept-Encoding
/
doska.zahav.ru/informer/ Frame 0563 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
e646c7c6285a4fccc8d57415f2884544c30630dfdee643ec13d45ccbe00c8c1a

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2711
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Oct 2023 12:56:06 GMT
Expires
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Wed, 25 Oct 2023 12:53:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Server
openresty/1.19.9.1
Vary
Accept-Encoding
iframe.php
date.zahav.ru/ Frame E4C2 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
90f9e24d80ed6b524a281fe45747aa42e0a92dbbc95f8409f99414bb0f3e0ee2

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Oct 2023 12:56:06 GMT
Expires
Mon, 25 Sep 2023 12:56:06 GMT
Last-Modified
Mon, 25 Sep 2023 12:56:06 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
NW.png
pogoda.co.il/img/ico/ 		482 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pogoda.co.il/img/ico/NW.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20cfc6a4b1073b01343e6adfe938d7928e99fa3024ad8ad322babf87fcad877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
778414
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
content-length
482
last-modified
Sat, 12 Jun 2021 07:18:46 GMT
server
cloudflare
etag
"1e2-5c48c6f572180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gsmd9nbxPnl2ibRii%2BovtQwEenKcpzK3CEq9wanSKQP0erUzm6sscCW%2BVUv6ntXnNIaGB1R%2BqzsUmMWT0KClpWIoBJW199l6XwzmOysPWx62fkl10y9yOSDIDWly9%2Bh%2B6G8Ux8RNmjaBVnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
81ba9e1f9803904f-FRA
expires
Wed, 15 Nov 2023 12:42:30 GMT
iframe.php
date.zahav.ru/ Frame 1BE4 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
4e94402f68288b2af3d7d1956df8c14f9160d1d5ee04d604731f277a076d2176

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Oct 2023 12:56:06 GMT
Expires
Mon, 25 Sep 2023 12:56:06 GMT
Last-Modified
Mon, 25 Sep 2023 12:56:06 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Server
openresty
Transfer-Encoding
chunked
6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
www.zahav.ru/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/6950_1ee1e84a2c2bf62f2adf_1ee1e84a2c2bf62f2adf_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 11:10:38 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 13:14:40 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
1129528
etag
W/"248c-18b19b9ab43"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
HRtPzj4Y49tymUQ29EbTa40pV2-KHWWE3Vn-zZsRbI7hVR8Mm4sxtA==
x-cached
MISS
5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
www.zahav.ru/public/ 		297 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
d8f67c15ef1136522d80b265ec52d3eea969960885ff6a99d40ccef0e3809c5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 17 Oct 2023 07:15:19 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Tue, 17 Oct 2023 07:09:32 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
711647
etag
W/"4a47c-18b3c77e469"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
L7l7WrzdDJnyHW00RR37EBNbcTd_ePLTmCfA4v2HAD2-qXZ91YbZfA==
x-cached
MISS
main_c81a28961449209dea8f_c81a28961449209dea8f_walla.js
www.zahav.ru/public/ 		994 KB
228 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/main_c81a28961449209dea8f_c81a28961449209dea8f_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
3a989c3cddf6ae536216cae18c0e526e52b22ec4bc1b4600b6ecd215566c37c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 10:46:02 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 10:32:01 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
7804
etag
W/"f8936-18b666426a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
6VmF4Zd3gCnGIqVKHgCibPZLLOjbOvrjrnl3crbkkxPJ-ywjVa7YjQ==
x-cached
MISS
zahav_538527046007eca7d9aa_538527046007eca7d9aa_walla.js
www.zahav.ru/public/ 		121 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/zahav_538527046007eca7d9aa_538527046007eca7d9aa_walla.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
a1c5bcc6294dd4b6fcdb351ad81a69edfb6af657e3730a048ba5db532647248b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 15:05:14 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
content-encoding
gzip
last-modified
Sun, 22 Oct 2023 14:59:50 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
251452
etag
W/"1e4fe-18b57e644d0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=2592000
x-amz-cf-id
qYzlDIs_MxEG8nlifx3FNcq7XtcLC0RnTNzpiX6RS-cfN8wD__rw8g==
x-cached
MISS
wallaicons.woff
www.zahav.ru/public/font/fonticon/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/font/fonticon/wallaicons.woff
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:48:11 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338875
etag
W/"3bdc-18b4883c0bf"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
15324
x-cached
MISS
x-amz-cf-id
BNFR6g2-kMvbizuE6uIE7I0MPKTjP7Trw8dJjjqE3VezsDB_d6Ga8g==
widget-vertical-editable
freecurrencyrates.com/ru/ Frame F168 		77 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freecurrencyrates.com/ru/widget-vertical-editable?iso=ILSUSDEURGBPCHFRUBUAH&df=1&p=FsphPQwN4&v=fits&source=fcr&width=300&width_title=0&firstrowvalue=1.00&thm=A6C9E2,FCFDFD,4297D7,5C9CCC,FFFFFF,C5DBEC,FCFDFD,2E6E9E,000000&title=%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&tzo=-120
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9e1a5ec0ec3bc28dfa98696e338c1bb7d63e2fe2c0ba6f547727e41e0611c84d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
cache-control
max-age=300
content-encoding
gzip
server
nginx/1.18.0
transfer-encoding
chunked
content-type
application/javascript
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
3124
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 24 Oct 2024 12:04:02 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=zahav.ru&p=%2F&u=CbmZ9UCcq3WLPsBms&d=zahav.ru&g=20047&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3323&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.zahav.ru%2F&b=566&t=Bp3xUK2u_LYBEN6bNColFnuCl8NKN&V=141&i=zahav.ru%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%D0%B1%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D0%B5%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5&tz=-120&sn=1&sv=yOBOCJOCbVCbLTSoTlkO086ELN&sd=1&im=067b2fff&_
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.211.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-211-254.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:06 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
zahav.ru.1297439.es6.js
jsc.idealmedia.io/z/a/ 		313 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/z/a/zahav.ru.1297439.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/z/a/zahav.ru.1297439.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511802e0cf0e95970461981b23bf8dd7c83d75fae21696245b597acb8d650cc9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
content-encoding
gzip
x-amz-version-id
N6va8D6wM6ULChXAoQNzVNOei2RN8Yom
cf-cache-status
HIT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-request-id
52J5X8G8MW7S5Y7X
age
5320
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
99628
x-amz-id-2
kSA5Ss2vsbuQ+U7YSNPHE9AH9dRjQTik0NGt67SxRU85ypAwu0ZlCCHU0wh/hH+ORitzH38/yik=
last-modified
Wed, 11 Oct 2023 08:31:25 GMT
server
cloudflare
etag
"69b6bd8e963d6af5038630bb661ee64c"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
81ba9e210ecd3632-FRA
expires
Wed, 25 Oct 2023 15:56:06 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		147 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=zahav.ru&domain=zahav.ru&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f89756e4d7e60af4f081d9ea1194de02563b4a6b122f69cd489b2da3a47b6b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-cache-hits
7
date
Wed, 25 Oct 2023 12:56:06 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
3232
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
122
x-served-by
cache-fra-eddf8230025-FRA
x-timer
S1698238567.728789,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 23 Oct 2023 12:02:14 GMT
init
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.zahav.ru
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Oct 2023 12:56:06 GMT
server
Google Frontend
x-cloud-trace-context
f2c1cf647c14dcb6882c6c974303df3c
x-request-id
undefined
init
hb-dot-valuad.appspot.com/ 		38 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/init
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
x-request-id
0bf9fade-987f-4b1e-ac37-178c3de86c79
x-vad-version
0.14.20

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
content-encoding
gzip
server
Google Frontend
etag
W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
x-cloud-trace-context
924e04964a2182a03c44c2dcf6ffad25
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64
x-request-id
undefined
touchcarousel.css
doska.zahav.ru/css/touchcarousel/ Frame 43B5 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"103e-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1107
three-d-skin.css
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame 43B5 		2 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"9bb-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
jquery-1.8.3.min.js
doska.zahav.ru/js/ Frame 43B5 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery-1.8.3.min.js
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"16dc5-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33433
jquery.touchcarousel-1.2.min.js
doska.zahav.ru/js/ Frame 43B5 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery.touchcarousel-1.2.min.js?v=109
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"4e8e-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5279
thumb-j69grn9t7qvpc72yaqo1sm9q3066n2t0-web2.jpg
doska.zahav.ru/img/second-hand/2023-09/10/12/ Frame 43B5 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-09/10/12/thumb-j69grn9t7qvpc72yaqo1sm9q3066n2t0-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
68fc63439c0b507520c7240de9f6b197592f2b07324d646bcb14747e6ee93c72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Sun, 10 Sep 2023 10:02:08 GMT
Server
openresty/1.19.9.1
ETag
"64fd9420-2099"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8345
Expires
Fri, 24 Nov 2023 12:56:06 GMT
thumb-71ppbxfrrifsssaojrdmdhmnitwmqx6l-web1.jpg
doska.zahav.ru/img/second-hand/2023-08/25/03/ Frame 43B5 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-08/25/03/thumb-71ppbxfrrifsssaojrdmdhmnitwmqx6l-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
40f271305318eeadbe864c7e7350faffcc3a55656c4e402cf2fcf7806f9dbde3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Sat, 26 Aug 2023 05:54:37 GMT
Server
openresty/1.19.9.1
ETag
"64e9939d-eb8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3768
Expires
Fri, 24 Nov 2023 12:56:06 GMT
thumb-88411e2e61c425c2c684a590d542769d-web2.jpg
doska.zahav.ru/img/second-hand/2020-09/22/08/ Frame 43B5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2020-09/22/08/thumb-88411e2e61c425c2c684a590d542769d-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
8d2665898b44a14e3f06ffd4782a1ba8ca5d10f3ce66198e36cb2fbbdee7df20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Tue, 22 Sep 2020 05:13:49 GMT
Server
openresty/1.19.9.1
ETag
"5f69880d-228a"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8842
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-fcbc17b02f7dc6d3520ce8c0e03bc005-web1.jpg
doska.zahav.ru/img/second-hand/2019-01/24/08/ Frame 43B5 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2019-01/24/08/thumb-fcbc17b02f7dc6d3520ce8c0e03bc005-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ed5bea79c41b8f448aa42f5755008b5f30b95b7000fd2ba92af1fa9786d45e01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Thu, 24 Jan 2019 06:07:23 GMT
Server
openresty/1.19.9.1
ETag
"5c49561b-17f3"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6131
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-9vwyzc5gwk2bowr55c6h09vunnt8bzh1-web1.jpg
doska.zahav.ru/img/second-hand/2023-08/25/02/ Frame 43B5 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-08/25/02/thumb-9vwyzc5gwk2bowr55c6h09vunnt8bzh1-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
13b8bae1ba7dfda268e6e148e45101844fb34099e51aa21ee906caa256f5a582

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Sat, 26 Aug 2023 05:55:52 GMT
Server
openresty/1.19.9.1
ETag
"64e993e8-14f2"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5362
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-0a7d0b0b2eb18ff0d2686d6e673877e1-web1.jpg
doska.zahav.ru/img/second-hand/2023-10/15/01/ Frame 43B5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-10/15/01/thumb-0a7d0b0b2eb18ff0d2686d6e673877e1-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
d618843c31c66d3e42e50b14f669b11502635d75b28159f8b76e60a8491efa8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Sun, 15 Oct 2023 10:48:18 GMT
Server
openresty/1.19.9.1
ETag
"652bc372-2627"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9767
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-e2649a5423d9717657bd11957df8d04c-web2.jpg
doska.zahav.ru/img/second-hand/2023-07/07/05/ Frame 43B5 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-07/07/05/thumb-e2649a5423d9717657bd11957df8d04c-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
3b03a9eaad06493c0f18e84c4d24c32cc59fca783ddaf8734c3c44ba8df85376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Fri, 07 Jul 2023 14:44:06 GMT
Server
openresty/1.19.9.1
ETag
"64a824b6-10cc"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4300
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-dmd2fsvn7d8xcdpwhcpgk9o8h3jsmjae-web2.jpg
doska.zahav.ru/img/second-hand/2022-06/28/07/ Frame 43B5 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2022-06/28/07/thumb-dmd2fsvn7d8xcdpwhcpgk9o8h3jsmjae-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
bac5662f4ad8d16fb814c4342ef93a7e8063b08bb95401348037f7aad0c64235

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Tue, 28 Jun 2022 05:23:16 GMT
Server
openresty/1.19.9.1
ETag
"62ba9044-1a30"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6704
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-4a7f4957aa1121d048f5bbfab7bef31a-web2.jpg
doska.zahav.ru/img/second-hand/2018-04/30/09/ Frame 43B5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2018-04/30/09/thumb-4a7f4957aa1121d048f5bbfab7bef31a-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
387909e1bd44fb55a23ec3a07e75b801fbd9e4e8e8132cecaa2e074f18dc7efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Mon, 30 Apr 2018 18:10:39 GMT
Server
openresty/1.19.9.1
ETag
"5ae75c1f-26b7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9911
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-037c4fa56d43ab25677ac705529a102c-web2.jpg
doska.zahav.ru/img/second-hand/2023-10/24/03/ Frame 43B5 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-10/24/03/thumb-037c4fa56d43ab25677ac705529a102c-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ba4dcf97528b4ec5f358e08b898cbe26b3328da0a8c9419e12b0fceac4a4fef4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Tue, 24 Oct 2023 12:48:02 GMT
Server
openresty/1.19.9.1
ETag
"6537bd02-2455"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9301
Expires
Fri, 24 Nov 2023 12:56:08 GMT
js
www.googletagmanager.com/gtag/ 		266 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DV74S5EBKL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a48c051360874229ff2d95af5872d7759625a1ad198862174a41db7be86edd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91207
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 25 Oct 2023 12:56:06 GMT
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-103.fra2.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:39:43 GMT
content-encoding
gzip
via
1.1 c7f7b4cf7fd5efe64bac95586db3f62a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
984
x-cache
Hit from cloudfront
content-length
1696
last-modified
Mon, 07 Aug 2023 11:07:01 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-602533ee4ff40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
hUZEoj_oeUUxWsfwGQblOUyhKTmmcHo8Sa2iNR2PHv-QTDC8YACJuA==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
6311a02aaff6bad09834d41e368b6919c0c307fb27f2e31ec5c5ca038e743474
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:28:58 GMT
Content-Encoding
br
Via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
1628
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Wed,25 Oct 2023 12:28:58 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"e8b35bb5882d83422622ab04cb825796"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
jh5ZCs6s-oEQFTyZqY8UB44b9i4TN1jqEMwWOlWkKtGfgcGQ05uUkQ==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Oct 2023 11:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3984
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 25 Oct 2023 13:49:42 GMT
widget.js
d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/ 		736 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.188.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-188-223.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Sun, 12 Mar 2023 00:23:03 GMT
Via
1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
Last-Modified
Thu, 01 Feb 2018 11:19:16 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
19657984
ETag
"4d15062a4e2290d32a7e395b47be5382"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=29030400, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
736
X-Amz-Cf-Id
F6bJVmA-ifqzwD-zuHz0LC7Y_8Gxj7TkiAYobrl38YRoQEJOtKi-_A==
touchcarousel.css
doska.zahav.ru/css/touchcarousel/ Frame 0563 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"103e-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1107
three-d-skin.css
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame 0563 		2 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"9bb-5a7176818d1c9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
558
jquery-1.8.3.min.js
doska.zahav.ru/js/ Frame 0563 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery-1.8.3.min.js
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"16dc5-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33433
jquery.touchcarousel-1.2.min.js
doska.zahav.ru/js/ Frame 0563 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doska.zahav.ru/js/jquery.touchcarousel-1.2.min.js?v=109
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"4e8e-5a717681a0a4a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5279
thumb-d0f7fa14800ae18753a90207da5f0260-web1.jpg
doska.zahav.ru/img/second-hand/2023-02/25/12/ Frame 0563 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-02/25/12/thumb-d0f7fa14800ae18753a90207da5f0260-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
bbcfee4415ada3401a48af8754b6665e8ed93d6dde71524c26558a66587de75d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Sat, 25 Feb 2023 10:05:37 GMT
Server
openresty/1.19.9.1
ETag
"63f9dd71-31ce"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12750
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-ff56c5dcef3c59572fa43c2fb59dc664-web2.jpg
doska.zahav.ru/img/second-hand/2023-07/09/01/ Frame 0563 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-07/09/01/thumb-ff56c5dcef3c59572fa43c2fb59dc664-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
fc9c5e55bc320b5ca4f22e6d9b04317f0cc0159644536039e417628093580721

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Sun, 09 Jul 2023 10:09:01 GMT
Server
openresty/1.19.9.1
ETag
"64aa873d-21df"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8671
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-puhvxvmd133wnud7zw5pbu3cb7fgb7t8-web1.jpg
doska.zahav.ru/img/second-hand/2023-10/24/10/ Frame 0563 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-10/24/10/thumb-puhvxvmd133wnud7zw5pbu3cb7fgb7t8-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
aa5ccfa44693677c27c43701013beeb8226d8f3f112f89d64f87a7c3fc2ca6ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Wed, 25 Oct 2023 05:29:50 GMT
Server
openresty/1.19.9.1
ETag
"6538a7ce-11ea"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4586
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-f6b2e2a94cff2d89426fdeccfdccc7a5-web2.jpg
doska.zahav.ru/img/second-hand/2021-06/03/07/ Frame 0563 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2021-06/03/07/thumb-f6b2e2a94cff2d89426fdeccfdccc7a5-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
766420ea63a8c8a808c2a2bdc94f966788d0401c6e72223c86669c2b9f643403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Thu, 03 Jun 2021 04:27:46 GMT
Server
openresty/1.19.9.1
ETag
"60b85a42-1c81"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7297
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-d859d06f5dc2a5965a01f27ff65c9cd1-web1.jpg
doska.zahav.ru/img/second-hand/2015-12/14/03/ Frame 0563 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2015-12/14/03/thumb-d859d06f5dc2a5965a01f27ff65c9cd1-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
57fd6c43200b7365f2919217ec479ddd935dcd9f43cb8615e57582ac70adf492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Mon, 14 Dec 2015 13:56:54 GMT
Server
openresty/1.19.9.1
ETag
"566ecaa6-1b82"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7042
Expires
Fri, 24 Nov 2023 12:56:07 GMT
thumb-11a6761bdfe59d354e9b57d414999f0e-web2.jpg
doska.zahav.ru/img/second-hand/2023-09/22/04/ Frame 0563 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-09/22/04/thumb-11a6761bdfe59d354e9b57d414999f0e-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
1599cca0cc6a5753d96bb722bf0445ed676a9a84f6781c22f42d7cd0d3694539

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Fri, 22 Sep 2023 13:39:51 GMT
Server
openresty/1.19.9.1
ETag
"650d9927-2bdb"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11227
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-2be76fe2f7cc4c491d2d338f28bd1cf9-web2.jpg
doska.zahav.ru/img/second-hand/2023-02/17/01/ Frame 0563 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-02/17/01/thumb-2be76fe2f7cc4c491d2d338f28bd1cf9-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
289aaa2fdade3511d08f072a11211535d3c088c4dfc777bccebd5b8a00033ecb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Fri, 17 Feb 2023 11:23:01 GMT
Server
openresty/1.19.9.1
ETag
"63ef6395-1ba8"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7080
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-e2649a5423d9717657bd11957df8d04c-web2.jpg
doska.zahav.ru/img/second-hand/2023-07/07/05/ Frame 0563 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2023-07/07/05/thumb-e2649a5423d9717657bd11957df8d04c-web2.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
3b03a9eaad06493c0f18e84c4d24c32cc59fca783ddaf8734c3c44ba8df85376

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Fri, 07 Jul 2023 14:44:06 GMT
Server
openresty/1.19.9.1
ETag
"64a824b6-10cc"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4300
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-ba3acaca086f64402cdb2d27ce3b198c-web1.jpg
doska.zahav.ru/img/second-hand/2019-05/24/01/ Frame 0563 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2019-05/24/01/thumb-ba3acaca086f64402cdb2d27ce3b198c-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
3507fbb24135ec817de2ac6e5fd75d700aa8095981f5287c21a2d55b2160e3a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Fri, 24 May 2019 10:06:12 GMT
Server
openresty/1.19.9.1
ETag
"5ce7c214-1a94"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6804
Expires
Fri, 24 Nov 2023 12:56:08 GMT
thumb-988dd6a200df9f4951a65940211ead5b-web1.jpg
doska.zahav.ru/img/second-hand/2021-08/29/06/ Frame 0563 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/img/second-hand/2021-08/29/06/thumb-988dd6a200df9f4951a65940211ead5b-web1.jpg
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
d74d57cb632e45f92fdfdfef67aa1548bc89035ee31dc0f8883593c372d7beeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Sun, 29 Aug 2021 15:07:37 GMT
Server
openresty/1.19.9.1
ETag
"612ba2b9-2dc7"
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11719
Expires
Fri, 24 Nov 2023 12:56:08 GMT
iframe.css
date.zahav.ru/css/ Frame E4C2 		939 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/css/iframe.css?v=578
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Mon, 19 Dec 2022 16:04:15 GMT
Server
openresty
ETag
"63a08b7f-3ab"
Content-Type
text/css
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
939
Expires
Mon, 22 Apr 2024 12:56:06 GMT
online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame E4C2 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Mon, 19 Dec 2022 16:04:16 GMT
Server
openresty
ETag
"63a08b80-3f1"
Content-Type
image/png
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1009
Expires
Mon, 22 Apr 2024 12:56:06 GMT
ts_tnyubnainc.jpg
date.zahav.ru/photos/162/1162/3411162/ Frame E4C2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/162/1162/3411162/ts_tnyubnainc.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
bf697114dd633c58fe855a69520269c12914780e7d230bf3533a63187124d15a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Wed, 27 Jan 2021 20:59:50 GMT
Server
openresty
ETag
"6011d446-904"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2308
Expires
Sat, 19 Oct 2024 12:56:06 GMT
ts_51mz9utz07.jpg
date.zahav.ru/photos/110/4510/9399510/ Frame E4C2 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/110/4510/9399510/ts_51mz9utz07.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
9eba335d8cc9318be05e1b1e2e4be1fbdd5b0ff34bb7db6eee52b55f8714ed8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Wed, 12 Jul 2023 21:36:13 GMT
Server
openresty
ETag
"64af1ccd-9da"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2522
Expires
Sat, 19 Oct 2024 12:56:06 GMT
ts_04njau09h6.jpg
date.zahav.ru/photos/158/3158/13263158/ Frame E4C2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/158/3158/13263158/ts_04njau09h6.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
5b27dee07ef5a99538e4b7bc2fb7f4646c0fdb7cafd09135a886b04031ea626b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Wed, 25 Oct 2023 07:24:09 GMT
Server
openresty
ETag
"6538c299-b20"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2848
Expires
Sat, 19 Oct 2024 12:56:07 GMT
ts_9mhow87g6g.jpg
date.zahav.ru/photos/53/3053/12108053/ Frame E4C2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/53/3053/12108053/ts_9mhow87g6g.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
117d3845cf542e6a69af541cc195dd652bd378c655cb29c580e63b1292fe73f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Wed, 25 Oct 2023 05:52:17 GMT
Server
openresty
ETag
"6538ad11-bc4"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3012
Expires
Sat, 19 Oct 2024 12:56:07 GMT
iframe.css
date.zahav.ru/css/ Frame 1BE4 		939 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://date.zahav.ru/css/iframe.css?v=578
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Mon, 19 Dec 2022 16:04:15 GMT
Server
openresty
ETag
"63a08b7f-3ab"
Content-Type
text/css
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
939
Expires
Mon, 22 Apr 2024 12:56:06 GMT
online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame 1BE4 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Mon, 19 Dec 2022 16:04:16 GMT
Server
openresty
ETag
"63a08b80-3f1"
Content-Type
image/png
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1009
Expires
Mon, 22 Apr 2024 12:56:06 GMT
ts_ybmcr6kz5e.jpg
date.zahav.ru/photos/85/2485/2247485/ Frame 1BE4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/85/2485/2247485/ts_ybmcr6kz5e.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
534a477deb9879b68f4d3c511964b025a9be95ac58f70ebd6a128a3b8dcdbcd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Tue, 17 Oct 2023 16:08:46 GMT
Server
openresty
ETag
"652eb18e-b8e"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2958
Expires
Sat, 19 Oct 2024 12:56:06 GMT
ts_atutteee98.jpg
date.zahav.ru/photos/177/1777/11391777/ Frame 1BE4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/177/1777/11391777/ts_atutteee98.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
fe323be619a76d7dacbca4174b9382f8af50f43b32dd5a95c5a9b993cb93b380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:06 GMT
Last-Modified
Thu, 29 Sep 2022 12:03:31 GMT
Server
openresty
ETag
"63358993-b05"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2821
Expires
Sat, 19 Oct 2024 12:56:06 GMT
ts_r8gfwiks8l.jpg
date.zahav.ru/photos/23/2423/2407423/ Frame 1BE4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/23/2423/2407423/ts_r8gfwiks8l.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
dbae3d9f0c37e5e2c5e02029f51baa7c02771d105a3981449c1bdbbfa20c795f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Thu, 05 Mar 2020 17:18:05 GMT
Server
openresty
ETag
"5e61344d-b43"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2883
Expires
Sat, 19 Oct 2024 12:56:07 GMT
ts_wsdekcvdc4.jpg
date.zahav.ru/photos/1/601/9265601/ Frame 1BE4 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/photos/1/601/9265601/ts_wsdekcvdc4.jpg
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
729708ac8c6ca6ce7abb808820befce0414ed41d69125fb032aa8a976f4fc5da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Mon, 05 Jun 2023 22:08:53 GMT
Server
openresty
ETag
"647e5cf5-d24"
Content-Type
image/jpeg
Cache-Control
max-age=31104000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3364
Expires
Sat, 19 Oct 2024 12:56:07 GMT
online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame E4C2 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Mon, 19 Dec 2022 16:04:16 GMT
Server
openresty
ETag
"63a08b80-3f1"
Content-Type
image/png
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1009
Expires
Mon, 22 Apr 2024 12:56:07 GMT
online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame 1BE4 		1009 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by
Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.28 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty /
Resource Hash
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:07 GMT
Last-Modified
Mon, 19 Dec 2022 16:04:16 GMT
Server
openresty
ETag
"63a08b80-3f1"
Content-Type
image/png
Cache-Control
max-age=15552000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1009
Expires
Mon, 22 Apr 2024 12:56:07 GMT
il.png
freecurrencyrates.com/flags/24/ Frame F168 		587 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/il.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9e3c3c9dc24c88ba3faedd92493c57fffd88212868425c2d92895d7ee0fb1392

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-24b"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
587
expires
Thu, 31 Dec 2037 23:55:55 GMT
us.png
freecurrencyrates.com/flags/24/ Frame F168 		656 B
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/us.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
last-modified
Fri, 01 Jul 2016 20:43:46 GMT
server
nginx/1.18.0
etag
"5776d602-290"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
656
expires
Thu, 31 Dec 2037 23:55:55 GMT
eu.png
freecurrencyrates.com/flags/24/ Frame F168 		909 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/eu.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f880ef6584845869e5d81b2960b8eb81ec470b88ea8859dd75a2ef80f56fe8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-38d"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
909
expires
Thu, 31 Dec 2037 23:55:55 GMT
gb.png
freecurrencyrates.com/flags/24/ Frame F168 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/gb.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-499"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1177
expires
Thu, 31 Dec 2037 23:55:55 GMT
ch.png
freecurrencyrates.com/flags/24/ Frame F168 		532 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/ch.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
5618a1cdf82aad97f1c6240687b1707be691d2453d74a7a0234d62bf4bccd877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-214"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
532
expires
Thu, 31 Dec 2037 23:55:55 GMT
ru.png
freecurrencyrates.com/flags/24/ Frame F168 		403 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/ru.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
last-modified
Fri, 01 Jul 2016 20:43:45 GMT
server
nginx/1.18.0
etag
"5776d601-193"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
403
expires
Thu, 31 Dec 2037 23:55:55 GMT
ua.png
freecurrencyrates.com/flags/24/ Frame F168 		476 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freecurrencyrates.com/flags/24/ua.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
70549240fea1a10a4c0ec5804693af68a23eeaaff15c9cd1883c0138c81847e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:06 GMT
last-modified
Fri, 01 Jul 2016 20:43:46 GMT
server
nginx/1.18.0
etag
"5776d602-1dc"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
476
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ Frame F168 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e190a4d5edc1e768529b868e650ceea914c8329d7083c5af4c6b27045b10a72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Regular.woff2
freecurrencyrates.com/font/roboto.googlefonts/ Frame F168 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://freecurrencyrates.com/font/roboto.googlefonts/Roboto-Regular.woff2
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f05b6f9877fc4a3f9b4587aba72a9c63c60ce1e26398993498187816366de818

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
last-modified
Sun, 03 Jul 2016 17:43:11 GMT
server
nginx/1.18.0
etag
"57794eaf-f0a4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
61604
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Medium.woff2
freecurrencyrates.com/font/roboto.googlefonts/ Frame F168 		61 KB
61 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://freecurrencyrates.com/font/roboto.googlefonts/Roboto-Medium.woff2
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7c44::22c9 Meppel, Netherlands, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e9817ff441c7044f2d126a3e12b02f624bd2fff669e3f6092d9c92324313df13

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
last-modified
Sun, 03 Jul 2016 17:43:11 GMT
server
nginx/1.18.0
etag
"57794eaf-f314"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
content-length
62228
expires
Thu, 31 Dec 2037 23:55:55 GMT
json
pro.ip-api.com/ 		20 B
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json?key=ay3FPSS6OcBXPHg&fields=countryCode
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 12:56:07 GMT
Content-Length
20
Content-Type
application/json; charset=utf-8
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/public/5785_6990edb44130741d99e1_6990edb44130741d99e1_walla.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3d24df0276b0464a135604980e283f1403e523f4edbc3bc7f4d914e58a6d662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29115
x-xss-protection
0
server
cafe
etag
245 / 19655 / 31079110 / config-hash: 8671707731930110642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:07 GMT
impl.20231025-5-RELEASE.js
cdn.taboola.com/libtrc/ 		814 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-zahavru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
bbacf79a0487b5ca46e1db609f45d1a0d99b0b72cf925a3a23b4ec365e382138

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
eG2LPBBGfYLj1Jgz7x866NL7x_GrNXZ3
content-encoding
br
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:07 GMT
x-amz-request-id
5GBHT7MYKTDPPBZV
age
13546
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
172427
x-amz-id-2
544bOWtNI9JXU7MHzOTFH3zPQl/c0O5OBPsfgyuC7a3+jsnIvMlOdANmdNyy2Jm/uv2DfXb+Sfo=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 25 Oct 2023 09:10:20 GMT
server
AmazonS3-br
x-timer
S1698238568.660866,VS0,VE0
etag
"3902fab24b3747c9e36056387e2e8686"
vary
Accept-Encoding
content-type
application/javascript
abp
94
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
48235
3617639-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/6/1/7/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/6/1/7/3617639-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a22a7d81feb9689bb8ce323b6b3b699af6915353871ec89672e78a0d7eade416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 06:29:50 GMT
via
1.1 google
age
23177
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28166
3616725-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/6/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/6/3616725-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
9e3e71d21592c456fce42d7ceb97f43d49828f0f9cf814ce54c1c62d09b62bec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 06:53:16 GMT
via
1.1 google
age
21771
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11074
3112386-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/1/2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/1/1/2/3112386-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
5c8251114fffcc1a60ea943341a532cc19f33a7a9e8fa95f2fcea4dde443f04b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 11:03:15 GMT
via
1.1 google
age
6772
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8740
2897300-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/8/9/7/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/2/8/9/7/2897300-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
d3b643c6fee35ecb0c5729a591b1e0858b7ed968abac731317a1b70fd81db6f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:04:49 GMT
via
1.1 google
age
21078
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10450
3617656-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/7/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/7/3617656-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
2c5a7afa8c8f1997cefa0ff115edcbfb3dc61b9976e14986a3d49d62ed7b1b4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:14:19 GMT
via
1.1 google
age
20508
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8404
3617648-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/7/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/6/1/7/3617648-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e9a1fa7591150bd552bed896336f2f25c63fa60117bf5b2d248d305cec07b1f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 06:16:57 GMT
via
1.1 google
age
23950
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6864
3385886-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/8/5/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_54/3/3/8/5/3385886-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
7caef9f84beab92679cdbded0d01990b6b3148636252a74fcd1d40b14bfa14c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:24:00 GMT
via
1.1 google
age
70327
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9320
3365182-46.jpg
images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/3/6/5/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.wcdn.co.il/f_auto,q_auto,w_300,t_18/3/3/6/5/3365182-46.jpg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.198.118 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
118.198.160.34.bc.googleusercontent.com
Software
/
Resource Hash
4a208b89a9ef2aee7e7921f8b2562b3f372a4a4de17e52d52f87480ff5b2e5fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 19:36:16 GMT
via
1.1 google
age
62391
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15098
77485b11-6553-4c8a-bb49-36ead6ab02cc
https://www.zahav.ru/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.zahav.ru/77485b11-6553-4c8a-bb49-36ead6ab02cc
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
612d7736-ab1e-4b94-8b0d-ab57194a9766
https://www.zahav.ru/ 		250 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.zahav.ru/612d7736-ab1e-4b94-8b0d-ab57194a9766
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length
250
Content-Type
text/javascript
favicon.ico
ad.doubleclick.net/ 		1 KB
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 10:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7142
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 10:57:06 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.60 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-60.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Fri, 24 Nov 2023 12:56:08 GMT
date
Wed, 25 Oct 2023 12:56:08 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=659924368&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zahav.ru%2F&ul=en-us&de=UTF-8&dt=zahav.ru%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%D0%B1%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D0%B5%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1409592817&gjid=806409094&cid=1682251483.1698238568&tid=UA-4780630-1&_gid=188761327.1698238568&_r=1&_slc=1&gtm=45He3an0n8158RVJLVv77212179&z=821700535
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
253 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DV74S5EBKL&gtm=45je3an0v9118752218z877212179&_p=659924368&cid=1682251483.1698238568&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.zahav.ru%2F&sid=1698238568&sct=1&seg=0&dt=zahav.ru%20-%20%D0%B2%D1%81%D0%B5%20%D0%BE%D0%B1%20%D0%98%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D0%B5%20%D0%BD%D0%B0%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%BE%D0%BC%20%D1%8F%D0%B7%D1%8B%D0%BA%D0%B5&en=page_view&_fv=1&_ss=1&ep.url_encoded=https%3A%2F%2Fwww.zahav.ru%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DV74S5EBKL&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-DV74S5EBKL&v=3&t=t&pid=1126047744&cv=1&rv=3an0&tc=15&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=www.zahav.ru%2F&tdp=G-DV74S5EBKL;118752218;1;6;0&z=0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-DV74S5EBKL&v=3&t=t&pid=1126047744&cv=1&rv=3an0&tc=15&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&h=Ag&dl=www.zahav.ru%2F&tdp=G-DV74S5EBKL;118752218;1;6;0&z=0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:08 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-DV74S5EBKL&v=3&t=t&pid=1126047744&cv=1&rv=3an0&tc=15&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAg&h=Ag&tr=1ogt1pdatav2.1ccdgafirst.1setproductsettings.1ogtgooglesignals.1ccdgaregscope.1ccdemdownload.1ccdemform.1ccdemoutboundclick.1ccdemscroll.1ccdemsitesearch.1ccdemvideo.1ccdconversionmarking.1ccdautoredact.1ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-DV74S5EBKL&v=3&t=t&pid=1126047744&cv=1&rv=3an0&tc=15&es=1&e=*&eid=1&u=AAAAAAAIAAAAACAg&h=Ag&epr=1G.3G.1G.2G&tr=1gct&ti=1gct&z=0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
widget.js
d221oziut8gs4d.cloudfront.net/ 		0
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d221oziut8gs4d.cloudfront.net/widget.js?id=19762624&secure&9434659
Requested by
Host: d2xerlamkztbb1.cloudfront.net
URL: https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.94.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-94-14.prg50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:08 GMT
Content-Encoding
gzip
Via
1.1 f631e696fd022598ec39e248ac48b192.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
X-Cache
Miss from cloudfront
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
X-Amz-Cf-Id
iqVs5HyACwe19IKdy4Cz_s7r3FSU-pgOw_OaQhrNMAvVx_zDNpBX3g==
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-DV74S5EBKL&v=3&t=t&pid=1126047744&cv=1&rv=3an0&tc=15&es=1&e=gtm.dom&eid=2&u=AAAAAAAIAAAAACAg&h=Ag&z=0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-DV74S5EBKL&v=3&t=t&pid=1126047744&cv=1&rv=3an0&tc=15&e=gtm.init&eid=0&u=AAAAAAAIAAAAACAg&h=Ag&tr=5ogt1pdatav2.5ccdgafirst.5setproductsettings.5ogtgooglesignals.5ccdgaregscope.5ccdemdownload.5ccdemform.5ccdemoutboundclick.5ccdemscroll.5ccdemsitesearch.5ccdemvideo.5ccdconversionmarking.5ccdautoredact.5ccdgalast&ti=2ogt1pdatav2.2ccdgafirst.2setproductsettings.2ogtgooglesignals.2ccdgaregscope.2ccdemdownload.2ccdemform.2ccdemoutboundclick.2ccdemscroll.2ccdemsitesearch.2ccdemvideo.2ccdconversionmarking.2ccdautoredact.2ccdgalast&z=0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
grab.png
doska.zahav.ru/css/touchcarousel/ Frame 0563 		99 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/css/touchcarousel/grab.png
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"63-5a7176818d1c9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
99
sprite.png
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame 0563 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://doska.zahav.ru/css/touchcarousel/three-d-skin/sprite.png
Requested by
Host: doska.zahav.ru
URL: https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
6c02b4d4daf27fa92211062a42b8d7dd83e3990d80aee07fdfe7b4f6ea093688

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Last-Modified
Tue, 02 Jun 2020 10:30:56 GMT
Server
openresty/1.19.9.1
ETag
"a04-5a7176818d1c9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2564
spc_fi.php
cdn.firstimpression.io/delivery/ 		108 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=6962&url=%2F&charset=UTF-8&ch=14&ref=www.zahav.ru&viewerId=null&referer=&_firid=9213253
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
6892f46033aca54e604aaf2730c9d7d6b9256328f950f411635008df8791e202

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Content-Encoding
gzip
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
18827
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
9VeljNbZpY6rTlR3McyyVlsp_iY8Mrz0Jmqhn9UBIr3u6XM77f2gAw==
Expires
0
collect
stats.g.doubleclick.net/j/ 		4 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-4780630-1&cid=1682251483.1698238568&jid=1409592817&gjid=806409094&_gid=188761327.1698238568&_u=YEBAAEAAAAAAACAAI~&z=447521021
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 25 Oct 2023 12:56:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:07 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
235801
expires
60
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1682251483.1698238568&jid=1409592817&_u=YEBAAEAAAAAAACAAI~&z=850342960
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-4780630-1&cid=1682251483.1698238568&jid=1409592817&_u=YEBAAEAAAAAAACAAI~&z=850342960
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.idealmedia.io/pv/ 		43 B
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.idealmedia.io/pv/?lu=https%3A%2F%2Fwww.zahav.ru%2F&cbuster=1698238568330220129517&pvid=18b66e81789868d25c3&implVersion=11&cxurl=https%3A%2F%2Fwww.zahav.ru&site=798910&i=1&scum=%3F0&scuw=%3F0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9722 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
81ba9e2c3d183632-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
prebidamp.js
ecdn.firstimpression.io/static/js/ 		305 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d75469cc2ac7f959e2c765c2dccc9884c09457cc3f1c9c17457d195593f76744

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:54:24 GMT
Content-Encoding
gzip
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
105
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"4c441-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
RmuKwzkYWOi34Uwfzw4ryTOqKwqPMVlYWahKKoP4ULMMv_yi3FGYxg==
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15234
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FZo5bYIKD%2BNPKt1UFNf4Q9iU6w%2BDqHsne%2FkNY6tKMOIdNMZ8XHL3o0C02ZmzwPnVaI8771dCys9Z%2FInIDpOrE8XUIp%2FO2c%2BVFM85Mc7pAP21YUX%2B6I%2FqqgRQo6ALL9en9m9cFYN5Kokm7pyDZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81ba9e2e280a3619-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b241c919ca18ac130827cb50fed4b1958a6a76a788863012cafa7feab3bb847a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29113
x-xss-protection
0
server
cafe
etag
927 / 19655 / m202310190101 / config-hash: 8671707731930110642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:08 GMT
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 9D29 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
7d94107f619b79439af7ca7fde45f97ba80e6ab755ac912d17910d9aa62649a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:09:41 GMT
Content-Encoding
gzip
Via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2788
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
36470
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"1ba31-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
h_mW_mCKwRIpSEwuX6UHH0YWhvKL_4-uOJeZY69I5K7UwOlDEx5OYg==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 49FF 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
7d94107f619b79439af7ca7fde45f97ba80e6ab755ac912d17910d9aa62649a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:09:41 GMT
Content-Encoding
gzip
Via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2788
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
36470
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"1ba31-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
nOkrt4bciD5-ogZj6gi3Ejvj9xJ-Iz7eDNsuaokvAPWmAA3AGmPVMQ==
fiamp.js
ecdn.firstimpression.io/static/js/ Frame 790F 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
7d94107f619b79439af7ca7fde45f97ba80e6ab755ac912d17910d9aa62649a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:09:41 GMT
Content-Encoding
gzip
Via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2788
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
36470
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"1ba31-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
nSmq_IBrY9GwwTCILsbaf9oDlwlML0obBQTnYupvXvPW1-VOC8uftw==
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 9D29 		305 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d75469cc2ac7f959e2c765c2dccc9884c09457cc3f1c9c17457d195593f76744

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:54:24 GMT
Content-Encoding
gzip
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
105
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"4c441-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
UfCm3L7zzto-a4StlV42LKq-OEZz2_T_5-T0yfA-kon1V1v5LLIxfQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9D29 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2eec975ef608346aad483cbf4dcdfc97fadc576a5e555254adcc43d6e738a591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29114
x-xss-protection
0
server
cafe
etag
909 / 19655 / m202310190101 / config-hash: 8671707731930110642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:08 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 49FF 		305 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d75469cc2ac7f959e2c765c2dccc9884c09457cc3f1c9c17457d195593f76744

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:54:24 GMT
Content-Encoding
gzip
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
105
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"4c441-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
aKduZ9y5dgb9NeAVq8KBeHq6_rFgyCTWswuOq2BnVmk_ir_yqkx_Kg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 49FF 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a421da0f44c56dcfa97754784f92a621171e2277fac78ac1754475ff3a090775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29497
x-xss-protection
0
server
cafe
etag
137 / 19655 / 31079134 / config-hash: 8671707731930110642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:08 GMT
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame 790F 		305 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d75469cc2ac7f959e2c765c2dccc9884c09457cc3f1c9c17457d195593f76744

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:54:24 GMT
Content-Encoding
gzip
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
105
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"4c441-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
bpsGE3jjL5VtRA83OXs2WkZHDNDbUAM5Iv8ufZSy5-PMFsOczw3ILQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 790F 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e363440be15ee4c35705349e539cbd41a4578bf7ecd845375f183a294f8d00f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29114
x-xss-protection
0
server
cafe
etag
199 / 19655 / 31079109 / config-hash: 8671707731930110642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:08 GMT
json
trc.taboola.com/wallail-zahavru/trc/3/ 		109 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-zahavru/trc/3/json?tim=14%3A56%3A08.800&lti=deflated&data=%7B%22id%22%3A765%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1698226758777%2C%22vi%22%3A1698238568790%2C%22cv%22%3A%2220231025-5-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%2C%22vpi%22%3A%22%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3453%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Native%20Homepage%22%2C%22orig_uip%22%3A%22Native%20Homepage%22%2C%22cd%22%3A885.390625%2C%22mw%22%3A480%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream-a%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Mid%22%2C%22orig_uip%22%3A%22Homepage%20Mid%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-text-link-a%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Mid2%22%2C%22orig_uip%22%3A%22Homepage%20Mid2%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A5%2C%22uim%22%3A%22thumbnails-d%3Aabp%3D0%22%2C%22uip%22%3A%22Left%20Rail%20Widget%22%2C%22orig_uip%22%3A%22Left%20Rail%20Widget%22%2C%22cd%22%3A2161.234375%2C%22mw%22%3A300%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream-a%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Mid%201%22%2C%22orig_uip%22%3A%22Homepage%20Mid%201%22%2C%22cd%22%3A1533.9375%2C%22mw%22%3A480%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-text-link-a%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Mid2%201%22%2C%22orig_uip%22%3A%22Homepage%20Mid2%201%22%2C%22cd%22%3A1533.9375%2C%22mw%22%3A480%7D%2C%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-e%3Aabp%3D0%22%2C%22uip%22%3A%22Homepage%20Endless%22%2C%22orig_uip%22%3A%22Homepage%20Endless%22%2C%22cd%22%3A3382.421875%2C%22mw%22%3A480%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CHomepage%20Endless%3Dthumbnails-e%3Aabp%3D0%2C%2CHomepage%20Mid%201%3Dthumbnails-stream-a%3Aabp%3D0%2C%2CHomepage%20Mid2%201%3Dthumbnails-text-link-a%3Aabp%3D0%2C%2CHomepage%20Mid2%3Dthumbnails-text-link-a%3Aabp%3D0%2C%2CHomepage%20Mid%3Dthumbnails-stream-a%3Aabp%3D0%2C%2CLeft%20Rail%20Widget%3Dthumbnails-d%3Aabp%3D0%2C%2CNative%20Homepage%3Dthumbnails-stream%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e9156d1c5d6bd67e709d7a771a7a3a613ae5f6a6e3a075b00633a5c5c0ae8ac2

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
1738
date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
gzip
via
1.1 varnish
cpu
1.11325
x-fastly-to-nlb-rtt
7461
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230021-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1698238569.846916,VS0,VE1738
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:35:42 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=42730
accept-ranges
bytes
content-length
65459
expires
Thu, 26 Oct 2023 00:48:18 GMT
/
csync.smilewanted.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
81ba9e2f683c1e30-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231025
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b463c6f820fa79b1fd799921ab71bb0fe73ca13435e89301eb719cab252c6399
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
32110
x-jsd-version
1.0.1853
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230033-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"640-qEMicKCPY62+kDa5UOG/qwdgMhs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyZmoRhBVEflMgAo8zlA808R16h%2BtRG8%2BD1U41TQFpgfjPIhqWfp7u8CH4sd6yEhwbDuf9alCg2AcCrMzXckQGaT7dzXgCMKSs%2BcQbejyIo2LwY%2BkcXf3gkhTUKdo1%2BCtFIfl6%2FCywkTmimyi6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
81ba9e2f699d3619-FRA
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:08 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 23 Oct 2023 08:11:07 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
186234
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dv0J3G5bpM88p0lODZDf79Q%2BDKvCy%2BF1Hts0LFRTizkE%2BmqCcSCLEKyazCELAOvk2YJEZLlMhXoPSLSE5OTxs0ZLqyWb%2FwoGGBafuohW4854LnOIfOpx9POx7nCokonWAkIpjF%2BU29NltLs4"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
81ba9e2fe95965bb-FRA
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:20::2100 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
expires
0
2214042
bs.yandex.ru/prebid/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569145539-755194180546637567400309-production-app-host-vla-pcode-264
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
Direct
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569144654-516369666992571055200264-production-app-host-vla-pcode-385
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569135536-1600040726863037161000384-production-app-host-vla-pcode-178
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569146187-1554520317134068870100190-production-app-host-sas-pcode-444
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569144573-1235248495931728381400177-production-app-host-vla-pcode-106
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569149655-867535292224014283300298-production-app-host-sas-pcode-559
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569145532-46632504908243598000190-production-app-host-vla-pcode-489
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569144369-696059563751744026300173-production-app-host-vla-pcode-394
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
2214042
bs.yandex.ru/prebid/ 		0
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bs.yandex.ru/prebid/2214042?imp-id=1&target-ref=www.zahav.ru&ssp-id=10500&ssp-cur=USD
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
last-modified
Wed, 25 Oct 2023 12:56:09 GMT
x-yandex-req-id
1698238569147372-1350285236895386845800333-production-app-host-sas-pcode-481
uniformat
true
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://www.zahav.ru
content-type
application/json; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
uniformat-product-type
None
expires
Wed, 25 Oct 2023 12:56:09 GMT
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
fastlane.json
fastlane.rubiconproject.com/a/api/ 		367 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Ftop_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=42995001b91105f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=237af0fd-9bc5-451b-923f-d007ddb57299&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Ftop_desktop&slots=1&rand=0.5518006776195827
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d26836b464990120c8c1eface5c25ad0b1633ce885e68850d54d9e18493d45a3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
367
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		376 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8%2C10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=43279da27670c59&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=40413ba9-e79e-412a-a49d-28f822cdc14d&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.1998793586738692
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9bc2f45a9ad31d9fa83e70cc529d9aebfe732b00b79307add68b0e0aacb0631f

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
376
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		376 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8%2C10%2C54&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=44de90c0c0ba78c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=da6695e8-ccaa-43f0-9f5e-2f32c5081ab9&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop&slots=1&rand=0.08174343897002534
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bd885184bbf28bda8e8434ea3f41d2c05c1c27bba62a347c18c01216bab8afcf

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
376
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		380 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=9&alt_size_ids=8&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop_menu_down&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=455c15594a308e9&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=766baf15-adf2-415d-a9cd-495169edb66b&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fskyscraper_desktop_menu_down&slots=1&rand=0.06630959699363315
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c2b2b12366bd3469f087ada638386546ccff9813189618ae4682a0726879b3e5

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
380
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		352 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=1&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fbaner_strip_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=4603673f03c5cfb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=79ac9855-4e6e-434d-bcb4-57a3f51a5257&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fbaner_strip_desktop&slots=1&rand=0.33511892793252374
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
67aebe7262c900f0a73f2c510272dd5072eab4d7b819ae053fe7f813263164d4

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
352
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		362 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=15&alt_size_ids=1&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fvideo_box&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=471eff72831a76e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=683a790a-6a91-4526-a205-be10c039bbde&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fvideo_box&slots=1&rand=0.8403516495938801
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5e1754083bce6379bf16761da5ddea322d7404f2072c847a2b3c893120fc4fa5

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
362
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		351 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=43&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fbanner_main_strip&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=48afeb2364e6c05&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=3b2d02f4-9159-4d35-8bf4-832468da2d17&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fbanner_main_strip&slots=1&rand=0.9590912421341653
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dedf422240f5f1efdab9fd13ad1f360950ac83b49113a100f66dff3e70e7fe2d

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
351
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		358 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=15&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fmiddle_rectangle_desktop&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=4971e2d20522ac6&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=98da8a99-ac2d-48dc-880a-aa9fcdb3ffa8&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fmiddle_rectangle_desktop&slots=1&rand=0.3056197672181076
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0be12e61cf032856054c7c216653f2ba8de871ec214d509c2df750f7094b22d2

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
358
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		354 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24684&site_id=431746&zone_id=2465516&size_id=43&rp_schain=1.0,1!valuad.io,15113,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.pbadslot=43010785%2Fzahav%2Fmain%2Fbanner_weather_strip&tk_flint=pbjs_lite_v8.5.0&x_source.tid=6159cad8-c0ec-41a2-ac18-14d4dea22f4f&l_pb_bid_id=50de939a54c5e94&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=67602575-c641-4800-928f-ca41ad2ce9ec&rp_maxbids=1&p_gpid=43010785%2Fzahav%2Fmain%2Fbanner_weather_strip&slots=1&rand=0.7838255702855512
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
27c2429fd2edbe6f4b2fdbe235f330ffeb023f41474f5c6b290885a866587527

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
354
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=715827
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
253a7d81bbd8a548a268491ecbecaaaecdfcfea15b4fbebbdb2d5b6d4aa8720e

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ce9SfHsI%2FJUrFTF5HmdO7gkfi7HugFYIXAZq3zEiReALMu1vL6VGgQU67VoOYjISAnCfdb%2BplGX481TO3nhq6mcKfEa9RRa8EBmMt9UYZYMslM4h7hCRuAcTkIrrlXM1bOyE76D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ba9e302eab6987-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.5.0&cb=76706829796&lsavail=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Wed, 25 Oct 2023 12:56:08 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid-request
a.teads.tv/hb/ 		16 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-35.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 25 Oct 2023 12:56:09 GMT
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		66 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=atxXvOBJyr7ikVrkHcnlxd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Wed, 25 Oct 2023 12:56:09 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
mp.4dex.io/ 		60 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
x-err
Parsing the Prebid Request. website archived
x-version
3.0.0-gcp-ams
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
81ba9e3099aa3810-FRA
expires
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
1c4815f16d5859fb25373766f7f867388b6cc9ce5f82a82a36b90054344e2a6e

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1248847122225354&correlator=842159945493005&eid=31079109%2C44782499&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=43010785%2Czahav%2Cmain%2Cprestitial_desktop%2Cstrip_KATAVA_desktop&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4&prev_iu_szs=1x1%2C480x175&ifi=1&sfv=1-0-40&ists=2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698238569060&lmt=1698231369&adxs=-12245933%2C490&adys=-12245933%2C1862&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.zahav.ru%2F&vis=1&psz=0x-1%7C480x0&msz=0x-1%7C480x0&fws=640%2C132&ohw=0%2C480&ga_vid=1682251483.1698238568&ga_sid=1698238569&ga_hid=659924368&ga_fc=true&dlt=1698238566122&idt=1624&prev_scp=slot_name%3Dprestitial_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dstrip_KATAVA_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1&adks=269758030%2C3897208859&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6b4a11051615beb12829724eb8ae535ed1f1a91d671fb3bb129362e4f7b7089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15012
x-xss-protection
0
google-lineitem-id
-2,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bd3d93a32f0006043ab2fcad439202fc29f027cb39f7706565050d3f7accbb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12450
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF55 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lg.php
cdn.firstimpression.io/delivery/ Frame 49FF 		1 B
630 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=97107%7C97109%7C97110%7C97111%7C97112%7C101155&campaignid=9%7C7%7C11%7C16%7C18%7C34&zoneid=114915%7C114915%7C114915%7C114915%7C114915%7C114915
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:09 GMT
Content-Encoding
gzip
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Id
siFqSDh2CUd3oZaG5bVZqJ6Zeh8qM_pdavBfyuC-J56Iu8sjOQjzyA==
Expires
0
translator
hbopenbid.pubmatic.com/ Frame 49FF 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Wed, 25 Oct 2023 12:56:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 49FF 		309 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=9&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a30&tk_flint=pbjs_lite_v7.46.0-pre&x_source.tid=e85e0a01-7266-41fd-a135-eb50492affe1&l_pb_bid_id=4c4d7f1c79b0bb&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=e85e0a01-7266-41fd-a135-eb50492affe1&rp_maxbids=1&slots=1&rand=0.8015276642479285
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
131a6447a4b2585e9e8b85a5a7f37b4911c794f9d72ddbf1920fafcadd1a2b2d

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
309
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 49FF 		36 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=711597
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8856ded00ce50cc8754d3542bc82d67e305b3c3b2cf49fb3fb0ed2303e99d50

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F1%2FIQVYBlLQjQx187%2FHII5M%2BUKQMgO6wkdQQYaSw7Fg1ldblImcpYRY%2FiAkpHmfC9vEXlKm9cRCjoHWFCbKIPBJafIx3xF7N3oBqkxhaVXTqMMFmfiMMlQuQrhiphM%2B5mIL8eTEL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ba9e3138676987-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebidjs
rtb.openx.net/openrtbb/ Frame 49FF 		53 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
dc12b4a709b8fcc97e0d3e88bfabd05ea578cc1c20b3d06be15491fe2ff51b2a

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ Frame 49FF 		139 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
765c7620d49d4ff0bcbfd93e483622c6f1e643899d8f989438ed2efa209685a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
an-x-request-uuid
72c599a9-dd99-4058-b1f4-460555d0cf84
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 9D29 		1 B
630 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=97069%7C97071%7C97072%7C97073%7C97074%7C101157&campaignid=9%7C7%7C11%7C16%7C18%7C34&zoneid=114913%7C114913%7C114913%7C114913%7C114913%7C114913
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:09 GMT
Content-Encoding
gzip
Via
1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Id
tqNkvKCbSHn6b6bSsjd8lu6OPOQIRofejz-QSzVx541okNi-ObwoGw==
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 9D29 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=711593
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6dc70edcd8c8afe15597c78ae9d5356a284cff2545bcd161887652096f1caaf

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKzYT%2Bx4Hfru4noLZnur0dV%2BS8zq43NwxJ8XPvnhZJfB2j5YksdaTpHdqqpRcnTuDt6CtZdnPsZHcKyPrzrjroEcez0VpvKdl1EKxA5nHUZdRc915YUEaXDaBKt2db%2Bz61NZml1u"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ba9e31cc999110-FRA
alt-svc
h3=":443"; ma=86400
expires
0
prebidjs
rtb.openx.net/openrtbb/ Frame 9D29 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
7b4c045a333aa20aafa2d673e88421d2bab9e6b8b92d194f3c26d32730607d27

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebid
ib.adnxs.com/ut/v3/ Frame 9D29 		138 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aa7d5858f776d295f1474635ddc68f42619cd2630e00067b501d2dd076841b94
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
an-x-request-uuid
793b2b4d-51c8-4ea8-9b98-f1f499eb86ec
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 9D29 		310 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=15&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a26&tk_flint=pbjs_lite_v7.46.0-pre&x_source.tid=3799eacf-3ef8-4a45-a1da-0269aa56f780&l_pb_bid_id=8becd5885237c4&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&x_imp.ext.tid=3799eacf-3ef8-4a45-a1da-0269aa56f780&rp_maxbids=1&slots=1&rand=0.8320201657777719
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8398298bd6429ac3587d9d2cdb1bf3d9d254cb36585aab6df858358918459e5a

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
310
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame 9D29 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Wed, 25 Oct 2023 12:56:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-DV74S5EBKL&v=3&t=t&pid=1126047744&cv=1&rv=3an0&tc=15&es=1&e=gtm.load&eid=8&u=AgAAAAAIAAAAACAg&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
lg.php
cdn.firstimpression.io/delivery/ 		1 B
635 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=105195&campaignid=949&zoneid=115822&dt=1&_fiid=A7&cb=56574678
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:09 GMT
Content-Encoding
gzip
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Id
dL4zGs_ELlq7KdfUGmZiQ6rZvWCV8mQiqa4c49NWbGPneHeu2YhTxQ==
Expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.zahav.ru
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 25 Oct 2023 12:56:09 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame 790F 		1 B
630 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=104981%7C104982%7C104983%7C104984%7C104985%7C104986&campaignid=9%7C11%7C16%7C18%7C34%7C44&zoneid=115737%7C115737%7C115737%7C115737%7C115737%7C115737
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:09 GMT
Content-Encoding
gzip
Via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Id
13aFEv3G9i5psC6lkdGNXuKRn9muVIiTgW3LZLuej9gobAKg_jymNg==
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 790F 		138 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
81739fd02bc2f3af1b68b7e43f4d3938467125bb562a2f179de94f61d0131f55
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
an-x-request-uuid
f4dee7eb-80d8-47ff-8a04-cb6106c4b118
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 790F 		310 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=15&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a50&tk_flint=pbjs_lite_v7.46.0-pre&x_source.tid=c31e580c-aa5a-4196-aa15-fdac9756a9c2&l_pb_bid_id=4b6a3bc93ab95c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=c31e580c-aa5a-4196-aa15-fdac9756a9c2&rp_maxbids=1&slots=1&rand=0.1478302033703076
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
caee74d1c6a6f53b48e04d718406fe307b4f664756ef0653a902664223f9aa95

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
310
expires
Wed, 17 Sep 1975 21:32:10 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 790F 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.zahav.ru
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebidjs
rtb.openx.net/openrtbb/ Frame 790F 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
0e3fc291ae86aa2ccec9afae5b0f40229c730d71ecb18e5c441a7d3ef8ebd274

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ Frame 790F 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Wed, 25 Oct 2023 12:56:08 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 12:56:09 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ Frame 9D29 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 08:11:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17051
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135316
x-xss-protection
0
server
cafe
etag
9779678222609117831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 24 Oct 2024 08:11:58 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ Frame 790F 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135328
x-xss-protection
0
server
cafe
etag
16474413789440466402
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 24 Oct 2024 12:04:02 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/ Frame 49FF 		420 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 10:36:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
8383
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134989
x-xss-protection
0
server
cafe
etag
2612702921649259081
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 24 Oct 2024 10:36:26 GMT
analytics
hb-dot-valuad.appspot.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id,x-vad-version
Access-Control-Request-Method
POST
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-request-id,x-vad-version
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-origin
https://www.zahav.ru
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 25 Oct 2023 12:56:09 GMT
server
Google Frontend
x-cloud-trace-context
a72dd7daece73ae1b36994ce57a47cc9
x-request-id
undefined
analytics
hb-dot-valuad.appspot.com/ 		16 B
35 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-dot-valuad.appspot.com/analytics
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
x-request-id
7c717fff-d3c3-48f7-a860-b53f87a818d7
x-vad-version
0.14.20

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
server
Google Frontend
etag
W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
x-cloud-trace-context
745056a59666c89556b45b1121d1b9ff
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
x-request-id
undefined
ads
securepubads.g.doubleclick.net/gampad/ 		519 KB
130 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1248847122225354&correlator=3455934107168430&eid=31079109%2C44782499&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=43010785%2Czahav%2Cmain%2Ctop_desktop%2Cskyscraper_desktop%2Cskyscraper_desktop_menu_down%2Cbaner_strip_desktop%2Cvideo_box%2Cbanner_main_strip%2Cmiddle_rectangle_desktop%2Cbanner_weather_strip&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10&prev_iu_szs=480x1%7C770x430%7C728x90%7C480x270%7C720x300%7C970x90%7C970x250%7C970x350%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%2C480x50%7C468x60%2C320x50%7C300x250%7C355x215%2C320x50%7C460x60%2C300x250%2C320x50%7C460x60&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1698238569393&lmt=1698231369&adxs=315%2C1480%2C0%2C315%2C490%2C490%2C490%2C985%2C490&adys=15%2C0%2C0%2C752%2C485%2C750%2C1255%2C1845%2C2151&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C2%7C3%7C4&ucis=3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.zahav.ru%2F&vis=1&psz=970x0%7C120x-1%7C120x-1%7C160x0%7C480x0%7C480x0%7C480x0%7C300x0%7C480x0&msz=970x0%7C120x-1%7C120x-1%7C160x0%7C480x0%7C480x0%7C480x0%7C300x0%7C480x0&fws=4%2C516%2C516%2C4%2C4%2C4%2C4%2C4%2C4&ohw=970%2C120%2C120%2C160%2C480%2C480%2C480%2C300%2C480&ga_vid=1682251483.1698238568&ga_sid=1698238569&ga_hid=659924368&ga_fc=true&dlt=1698238566122&idt=1624&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dskyscraper_desktop_menu_down%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dbaner_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dvideo_box%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dbanner_main_strip%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dmiddle_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%7Cslot_name%3Dbanner_weather_strip%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1&adks=111351918%2C3986781459%2C3986781468%2C1647081971%2C4292339436%2C811035952%2C3937227143%2C1284453618%2C2515212461&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f47b64b8169907ea1a254f965d4dc5c9beca20fedf8feff5755e748888ce9062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133147
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42B4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		131 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
beb263e245a0a8266be08c6f1160fe2209422f230b160d4d761d03fd1cddea8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
last-modified
Wed, 25 Oct 2023 10:49:09 GMT
server
cloudflare
age
0
etag
W/"a67db718fcbbd56aa7b058edfa241c4e2fc1791e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
81ba9e340a5b68fd-FRA
adagio.js
script.4dex.io/ 		75 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:09 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
186234
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 23 Oct 2023 08:11:06 GMT
Server
cloudflare
ETag
W/"42783f4dfb63346ef86cbdd3594314a1"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmxE7Eh5mHIiLGcn27ssGaUkXkuhIwh72Y%2FYYPHdHJebtjAbRDJPN%2FvBVeoTnl%2F0gGXReOyMjkKH%2B0IPxR2uLGPiTJx4YFW0GtmZlDKxZm8eX51QbUEvEeQ4GlqVpTtQCKHEt36PZ3%2BbZezc"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
81ba9e33eba265ce-FRA
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5190 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1652
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:28:37 GMT
expires
Thu, 24 Oct 2024 12:28:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6A5B 		829 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac25fd37238e5c654fb1e07f986a2cfc6b0c11bfe555111e89203a745091f526
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Huhd5x6_q4Ph2olxtLJVAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Huhd5x6_q4Ph2olxtLJVAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Wed, 25 Oct 2023 12:56:09 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4AA9 		156 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b0189b1039f977291afe59ba58d7a3191e9876cf23fbb3cad0511c58bba17f45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hH-AAszbF5zHnohXKU4JB68RVCRupv7ulRj5yP_VdWVvtRI7osyMc1xz27Oc4F6auB5lerDG8sB4cw94_k5UuIwZZGGfeC0Pj6Tx0v5j0rZIK11WPGaG9nLOplmtmZi_6K-B8u57GyLAouluasr-X76BRKMpsspf6VQVY-Smd1HOPTrLtsBiUVVnwpY_3eN4336qGpChfG03P2JY-6EG_O3CR2HMq0RVxy6oOE2unv6SmO9KlMrQErdTgv7KDtW6qVePXw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
50219887
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 42B4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 42B4 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 42B4 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
454920
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42B4 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:09 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
outbid
outbid.firstimpression.io/v1/ Frame 49FF 		197 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-57.fra56.r.cloudfront.net
Software
/
Resource Hash
7ebb96737d10934759e7339c061dcd9a90798768219fb0b0dfa807b9947f2b88

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
197
x-amz-cf-id
28MLbJSQVwy5wurVSL2eEKH2Ix0mSPkjldhqlZgTTi1G1GtGZ2x0yg==
outbid
outbid.firstimpression.io/v1/ Frame 9D29 		232 B
505 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-57.fra56.r.cloudfront.net
Software
/
Resource Hash
1829f58310254fa9e3f383c7c5a8fd4e82e2677c562e50d431601fce60a973b7

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
232
x-amz-cf-id
0WOCMemkB8CQxLALQnxbcKcEZp36jRl0Yen1ZvCxX0RwPHgN1iVP5g==
outbid
outbid.firstimpression.io/v1/ Frame 790F 		197 B
469 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-57.fra56.r.cloudfront.net
Software
/
Resource Hash
fff28980f0a4e5ecb8b5c40070eabc7352939f2755f8d423846e7cfb6a725c48

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
197
x-amz-cf-id
YwJTdzBs_TRgoFnaXkgleaAsccPCDE9Y5OmNBFna0FAlHlQD4HA9hA==
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4AA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:09 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4AA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4AA9 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 19 Oct 2024 12:56:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4AA9 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 19 Oct 2024 12:56:09 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4AA9 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3XnHHgBe2YPf5fgA55AyTnEXmEzeXIvjd0ZKRu_K6fjnsUBHOeb9yvH3BhIGXaayIP4tw8ykizoF8UWDGepPE68IiuJtc4R9FyQwzra8WTNMuOM-KktqNx0lo7NSrcOOOwzI29kMhIPRvf2-2p7yH34QgMzoVv-opItgIBlUUCz0UClKPK499_1tgsRMm1x0TnzRQDoQrVlElYMFz25tpfGAlFz1cFd3DK45Gw6WMyOFIMOuOIr7_U_4oUa60OWDaYVWfGYaHs_8zUUuRcXTQBXiCy24yYe3ygvwR3f3-f5dzUm8jUyjICufWHZ6h0qtwH16toL2N8QgoZBFSlkbNpwMXs7hRoQ5uPo44ZQMzBZs3aZF-2Qs7xCGwhllniHLsm7urMpNO9H_rrxjIO5gak-toDYcYYZDIyvjxezu2WqHcCD3sFwRuZiFOwnKVqihJGu1Xw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1961895
expires
Mon, 26 Jul 1997 05:00:00 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 25 Oct 2023 12:56:10 GMT
server
nginx/1.21.6
via
1.1 google
sodar
pagead2.googlesyndication.com/pagead/ Frame 6A5B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180101&jk=1248847122225354&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
animejs.js
static.criteo.net/animejs/ Frame 4AA9 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:10 GMT
truncated
/ Frame 42B4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d31b63e51fae01d7c59c211f49aed288b3c140c0968fc650072790c95322ed51

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 5190 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3267
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 12:01:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=346&m=0&partner=100829&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F230114%2F9fd0fe3254e7472797e56c18d54d1260_d73c0f9f-38ee-4ec7-86aa-3bfc8c7b7731.png&v=3&w=196&rid=4&s=HAVAMM4c5DxMBTlkoiSs_o4R
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
99313aa44054ac4338812d8221ca851fe204c8663379f3a158671b623f820af3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7563
expires
Wed, 02 Oct 2024 06:05:37 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F06%2FGEEKOM-PM.webp&v=3&w=400&rid=4&s=Q3LvS_yb6cRNyBNZgo8mf2S-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2a4da782ce2ba51b821c8efeea0dd8f26b6c164107aaf4f34706a2ec82258055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
8298
expires
Wed, 25 Oct 2023 13:11:13 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2022%2F08%2FTragetasche-3.jpg&v=3&w=400&rid=4&s=wDEG0Cx4kvrs2gLWCKjWXQa3&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2c8e28ce88db0e0f1917f963aea77f7dbe4020efceef471b21d7c54444982b70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
24518
expires
Fri, 17 Nov 2023 14:17:03 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FAir12.webp&v=3&w=400&rid=4&s=WhHbChw2G1U_AuNTPFJ2QBCg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4a920ac8a357b492b991802b1d781790c9923a59d37c335f6b2d19cd39d100b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
7456
expires
Wed, 25 Oct 2023 13:09:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F05%2FGEEKOM-Mini-FUN9.webp&v=3&w=400&rid=4&s=NRXOoIsgr9c2tEcgEFCocdmX&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b30c7585cffb26187b198ab10d4dced54f117b46767a3991eb7d74dd948fd44a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
13298
expires
Wed, 25 Oct 2023 13:53:02 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F05%2FMini-IT8-GEEKOM-Mini-PC-i5-8259.webp&v=3&w=400&rid=4&s=Qyih5ZAPshy5Kg6TWRxO4les&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
10a147b0971c0008073b34952df223a76a6c09658e06a2afc1a160a7edf95db3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
6946
expires
Wed, 25 Oct 2023 13:16:20 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F08%2FGEEKOM-PM16-1080p-Monitor-1.webp&v=3&w=400&rid=4&s=yBL3u0MTIGHucfSpp4wDNlFK&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
5ec86fe055f703d79cee010fe657a9f65ae83d666880a1ba459116b3e033174e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
11536
expires
Wed, 25 Oct 2023 13:43:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4AA9 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FGKM-Combo-Tastatur-2.webp&v=3&w=400&rid=4&s=mLdHw90dWdm2X8475IH6axfB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
867f05b525e309e835db6f09dba939aa9462520f709fd32661e0d46c589b4380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
14118
expires
Wed, 25 Oct 2023 13:09:58 GMT
all
csm.eu.criteo.net/ Frame 4AA9 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=hH-AAszbF5zHnohXKU4JB68RVCRupv7ulRj5yP_VdWVvtRI7osyMc1xz27Oc4F6auB5lerDG8sB4cw94_k5UuIwZZGGfeC0Pj6Tx0v5j0rZIK11WPGaG9nLOplmtmZi_6K-B8u57GyLAouluasr-X76BRKMpsspf6VQVY-Smd1HOPTrLtsBiUVVnwpY_3eN4336qGpChfG03P2JY-6EG_O3CR2HMq0RVxy6oOE2unv6SmO9KlMrQErdTgv7KDtW6qVePXw&sds=2&rev=89023&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4AA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:10 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4AA9 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&u=%7Cbk6Tfcz1g82Rtr3ofmg5vZDpNltuXsUdC325hlMIEII%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANfe9MWsJAN8WhI3GTt6Z0DfSsFAQ2Ey2WITE8PjE5OJKvvGP6oupB7tFdmBVof4VZWiBLx-ejW6XDz69WnuBlLVoXOWGTHa-DCsTQ_UktxhiPUD5tBYXWbfIqRUPxDFX1rUC2De-qEl0C8ePBKcBnI9nGqeKO3stbHCHc7QZ4VAhtRQSM26R2brayK3PSbfnXHmJ26qHWlefWryYrrumFyAi-sSYMnU2hZxjB8rfVaJhkIq2mOZ2cdF1cKRvkEAP_aNb0Ee7pGFgtKW39qEoHZkT0dXdpau466kClSf7acwoMpEQ7bNC51fcmBmNH09le8x4KODbkKhBWrrVim1lMMh-6mqgxFyDZsYsaO-QHWDbyYasWO-pjwvB-ChqK9BWOYQwP4fG1zIlniNHxCtRW0jP8dn3hM6qrBt3FPPeXWq07wHCfOgGP-pHYkR4ulTcn-T1H-GCqFPDBdr1C9fjdw4Ak7CgQALr8p2tW8_Z3kGv2s_Sti-ulquSxnX5cUJbwzXBCl9S09gmXVK5z12zol5gPEeU5wg6Bf5-BFrdmfb7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC75U0aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSnAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izDkISpg__w6AzaxqU_KTd1iqf4MdKTvtoSjiSQXKXDH2JOURoedBFwB7gBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3RVtEVowFqHxSdGPtq5WcPEBm7pw%26client%3Dca-pub-4491659496372172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:10 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 49FF 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2235481794031604&correlator=2358347044198629&eid=31079134%2C31078932&output=ldjh&gdfp_req=1&vrg=202310240101&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A114915)_(wf%3A21921)_(b%3A101155)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Da4ff352a08235714%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MaX95A1xtq1q1nNgMHjKJ5Ek2-lvw&gpic=UID%3D00000ca4008b3402%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MZ8CO5IzQJIGWYhJefb-7bKmJ6nAQ&abxe=1&dt=1698238570212&adxs=315&adys=752&biw=1600&bih=1200&isw=160&ish=600&scr_x=0&scr_y=0&btvi=0&ucis=vm998u13lci5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&vis=1&psz=160x-1&msz=160x-1&fws=256&ohw=0&ea=0&ga_vid=1682251483.1698238568&ga_sid=1698238570&ga_hid=2080588979&ga_fc=true&dlt=1698238568496&idt=1141&prev_scp=fi_group%3DG0%26fi_nohbfill%3Dfi_nohbfill%26fi_group_keys%3D%255Bobject%2520Object%255D&adks=1045267043&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f185da3274e362e135ae9d326d16d6c5dd44304cfd3f7b6bbb0137b343d8147d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14539
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 49FF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310240101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
415d5471329a4e27cc56cae84dee0d983c59954d8e72689bb3576902345fe314
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12149
x-xss-protection
0
container.html
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DC0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:10 GMT
expires
Thu, 24 Oct 2024 12:56:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9D29 		496 B
267 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3602284328443891&correlator=2281226603160063&eid=31078934%2C31070233&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A114913)_(wf%3A21938)_(b%3A101157)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Da4ff352a08235714%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MaX95A1xtq1q1nNgMHjKJ5Ek2-lvw&gpic=UID%3D00000ca4008b3402%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MZ8CO5IzQJIGWYhJefb-7bKmJ6nAQ&abxe=1&dt=1698238570248&adxs=985&adys=1564&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=bzraeixmgtof&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1682251483.1698238568&ga_sid=1698238570&ga_hid=1266457946&ga_fc=true&dlt=1698238568483&idt=1195&prev_scp=fi_group%3DG2%26fi_outbid%3Ddgsuvz%26fi_nohbfill%3Dfi_nohbfill%26fi_group_keys%3D%255Bobject%2520Object%255D&adks=1531426752&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
457d087404f504e13ce2557a88c71139c69ebd8cbb91967c224884717054ce40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9D29 		0
0
container.html
980f32f49bbaa4001f882563a2c53b4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 048F 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://980f32f49bbaa4001f882563a2c53b4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:10 GMT
expires
Thu, 24 Oct 2024 12:56:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 790F 		36 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1213991514968399&correlator=1455444587740549&eid=31079109%2C31078933&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A115737)_(wf%3A23014)_(b%3A104985)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Da4ff352a08235714%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MaX95A1xtq1q1nNgMHjKJ5Ek2-lvw&gpic=UID%3D00000ca4008b3402%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MZ8CO5IzQJIGWYhJefb-7bKmJ6nAQ&abxe=1&dt=1698238570276&adxs=985&adys=1835&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=d0nkoi3ry17e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1682251483.1698238568&ga_sid=1698238570&ga_hid=1339026159&ga_fc=true&dlt=1698238568689&idt=1090&prev_scp=fi_group%3DG0%26fi_nohbfill%3Dfi_nohbfill%26fi_group_keys%3D%255Bobject%2520Object%255D&adks=196616898&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a57205464cec8887c2438d7a2c3ca62bfb07d6511a1a1d6ded75a392e3e553b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14570
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 790F 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0ead2fe4bf756879574711a9c1d4566156982ac22991d319924f43820fc5493
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12249
x-xss-protection
0
container.html
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AD0D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:10 GMT
expires
Thu, 24 Oct 2024 12:56:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DBF6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1A78 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCB2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1149 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310161805000/ Frame 8C23 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4ed98afdf07c26938026bc4321a292270ab5e88543721eb3742bdee15e7e522
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:19 GMT
age
157251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56087
x-xss-protection
0
server
sffe
etag
"ce965173ccfc061f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:19 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 8C23 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:19 GMT
age
157251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5214
x-xss-protection
0
server
sffe
etag
"074ac5099ebe1c18"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:19 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 8C23 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:19 GMT
age
157251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29090
x-xss-protection
0
server
sffe
etag
"28725fc6b633962c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:19 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 8C23 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:19 GMT
age
157251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1904
x-xss-protection
0
server
sffe
etag
"6742f79812773482"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:19 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310161805000/v0/ Frame 8C23 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310161805000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 23 Oct 2023 17:15:19 GMT
age
157251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12961
x-xss-protection
0
server
sffe
etag
"7f93bdbf69ef7d3d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Oct 2024 17:15:19 GMT
css
fonts.googleapis.com/ Frame 8C23 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Oct 2023 12:56:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 11:14:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Oct 2023 12:56:10 GMT
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 647C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3DA1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FF4D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2ED2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:09 GMT
expires
Thu, 24 Oct 2024 12:56:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ru_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C23 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ru_bl.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eaeb1ab013aa8b43e9d1f6d7fb3c9908efe4eab632422dd6b1e730f1b55b2b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 00:26:10 GMT
x-content-type-options
nosniff
server
cafe
age
45000
etag
12019156221131985488
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3036
x-xss-protection
0
expires
Thu, 26 Oct 2023 00:26:10 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8C23 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 06:58:21 GMT
x-content-type-options
nosniff
server
cafe
age
21469
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Thu, 26 Oct 2023 06:58:21 GMT
l
www.google.com/ads/measurement/ Frame 8C23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQSb_ah8xPa29d2dAA2g2b6lQvsaTMFza_myWkvQdp4ZGGh959QAWX-4DAYGn1YS5S_5r9nEAEDXip5wRTPQeAozkS4OA
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 8C23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Ckkf9aRA5ZcL4HaSn3gODkKWgBa7_2dxz_M7G6NgRhtLmrYkCEAEg0ZPDKmCV4pCCoAegAZroq8IpyAEGqQIGYaAIlMqxPuACAKgDAcgDCqoExgJP0NmcxSrXLC3SXQU4XyLtqyUb8a1JeY426sCJM28LLrUYB0XFrTM6kP1_fWjlFB878XhBTHZiAHbyiIczkFsgNu0nMDvQicQgsxLA6yO3mIVIzr-5W-qgJQ0vmaauiYR8ghwp3FFmjwUX5TwpuqN-5-7bMCgL36qz4HNriYW9SBc09Wl1clVLNdyn6k5EWcOCxMxsF2RIQ46C0oFq0CB0guCa3xVBR-XIY9mIDqtlNFqVMb2ErOJOEjEPydyBtYR2uM1fh_Mj06SqvHVjYmnwBnCjvsL_my2X2M131wOuIqHQGw7m8BJ53bsZlQj9VSmPtWoWHggt01kSw2BeQ3ewALCWU35vUBqKjDkNwP3YnwlABqeZNhiCXv-gEit8FffG2V5KeQAMf-Vdg-SiOTV5CaB1FQabXuz8Ladn6IzcVpPa3dHypMAEvt7o6bEE4AQBiAXg5-SNTJIFBAgEGAGSBQQIBRgEgAeaoPyhBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENOKA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqaCSxodHRwczovL2pvYm1lc2guZGUvcnUtZ2VybWFueS93aXRob3V0LWdlcm1hboAKA8gLAaIMDCoKCgjktLEC7rWxAuINEwiC2rPVn5GCAxWkk3cKHQNICVTYEwvQFQGYFgGAFwGyFx4KHAgAEhRwdWItNzYyNzY1MDA4Njg5NTU5MBjx5hM&sigh=sZmjsd68gPQ&uach_m=[UACH]&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&template_id=492
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
truncated
/ Frame 8C23 		136 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6878b4c04dcb447d6b39de2d0ebca089e6c3d8196af59c6aea6269b9b0996bee

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8C23 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dda565de388e3c910112811c340137ff7f51b83ecbde6a8e6a634b8377eab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8C23 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 05:04:01 GMT
x-content-type-options
nosniff
age
373929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Oct 2024 05:04:01 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 8C23 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 21:04:37 GMT
x-content-type-options
nosniff
age
489093
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15352
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:34:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Oct 2024 21:04:37 GMT
container.html
4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEA3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:10 GMT
expires
Thu, 24 Oct 2024 12:56:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
cdn.firstimpression.io/habit/ Frame 49FF 		2 B
577 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:10 GMT
Access-Control-Request-Method
*
Via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Access-Control-Allow-Methods
OPTIONS, GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.zahav.ru
X-Cache
Miss from cloudfront
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
2
X-Amz-Cf-Id
tYemr8-DJXhrE45ZbuIuWrytlkmyr_U6dqdMe5B-qlM8HNyQ0_Aq6Q==
container.html
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5AB8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:10 GMT
expires
Thu, 24 Oct 2024 12:56:10 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
cdn.firstimpression.io/habit/ Frame 790F 		2 B
577 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:10 GMT
Access-Control-Request-Method
*
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Access-Control-Allow-Methods
OPTIONS, GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.zahav.ru
X-Cache
Miss from cloudfront
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
2
X-Amz-Cf-Id
pAp2_Vfe1zCtFsAzL6rUZI0XPV6vuY8lRJBlsyAXROUCV8l_COKjdA==
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.4.9/ 		129 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed1923c11bbc7476e5d70e84dc04a17d81d54a919c355280da0e3bd7b7697040

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 c2bfbd57ba266fad66928f7d9fe2f1c6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P5
age
270420
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
34868
x-served-by
cache-fra-eddf8230031-FRA
last-modified
Sun, 22 Oct 2023 09:47:11 GMT
server
AmazonS3
x-timer
S1698238571.049204,VS0,VE0
etag
"aca69b0d8a163689f4017d7409a9540b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hG3APEhuTsF51RDEmG1m0WBZYhWnTE80eIfU-lFuqgb9Jaswh9Txkw==
x-cache-hits
48985
feed-card-placeholder.20231025-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231025-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-zahavru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
07cc69f447b0cbea31338798b030f74552f5992bdfcecb8c4503329a7c6e4c3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
RnzBZLdkCvU5cyUEmDuF3lQVnuoarzdz
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:10 GMT
x-amz-request-id
5DBK1W39CHH4C7YP
age
6947
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
QGe+yALy7xZR9v+TQmzyaXKs91mfypRRiGz6tVts306XYpBqaxW30XL4HavnyIFnFd0pNV2gHYg=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 25 Oct 2023 11:00:24 GMT
server
AmazonS3
x-timer
S1698238571.882592,VS0,VE0
etag
"4c997df69931123194312c26687d0eeb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
98
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17767
userx.20231025-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231025-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-zahavru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d982781caeacf01cd9b0ec341c0da72a535340d7d023f46d5f8ffc547c9774cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
srBADbabUChaE1nrOqqqTOdQkrANYXti
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:10 GMT
x-amz-request-id
7RFKJMMM6KNV03M3
age
6920
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
MNzE4J1beYxwQUU8VA1d+OfFIirDSCHjA87zrJZAGrS06J6uZ2gGiSKTijB+mO2Pa8t4+QTaadU=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 25 Oct 2023 11:00:51 GMT
server
AmazonS3
x-timer
S1698238571.905623,VS0,VE0
etag
"8ec87c220ed642c3c4ab9d579d01c152"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
63
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5424
distance-from-article.20231025-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231025-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-zahavru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
648f4dfc463bc2e7bec6650c4b8ab903e9c783aefe939fbee276482f36568898

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
h4jiVEjlzIBAlDDfTqMVtY70rcUDM7Wi
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:10 GMT
x-amz-request-id
10H3E142JX4XGMD6
age
6951
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
0ImdHCWAbekWvEeFMbfm2XSQRURvcoL6gG7Z2EGH/0l8y5OFgeRWvtLhhFmZZbfKBWAo7HuowXI=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 25 Oct 2023 11:00:20 GMT
server
AmazonS3
x-timer
S1698238571.907078,VS0,VE0
etag
"23bfb214068ffaf187ef89aa946daf76"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
85
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
20033
article-detection.20231025-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231025-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-zahavru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44f220214074809830e5330b821917c0e5b41711a41cca7601a2abaee35116b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
c8niHoekyg4irkWJIcTbykXilobcidcz
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:10 GMT
x-amz-request-id
RCTZBYTA4N8FJBXG
age
6958
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
+lswQOcPh6VXRJl46fNpA3/zoOfRKdpCfiJZUZKZLvrZfl5iV3HDP3kSzF5fu4wBI2nHHSNwhX8=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 25 Oct 2023 11:00:13 GMT
server
AmazonS3
x-timer
S1698238571.908218,VS0,VE0
etag
"656087d0da0fe7de84d2f9447a161462"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
87
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
20031
abtests
am-trc-events.taboola.com/wallail-zahavru/log/3/ 		0
245 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/3/abtests?route=AM:AM:V&tvi48=11593&tvi50=11820&lti=deflated&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22hp4u-excludeUrl%22%2C%22type%22%3A%22module%20initialized%22%2C%22eventTime%22%3A1698238570942%7D&tim=14%3A56%3A10.942&id=1265&llvl=2&ri=c37c83420801ffaf41d2773b5ff91a1b&sd=v2_fa71077458fca15124314b69ef80f1c6_9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8_1698238568_1698238568_CIi3jgYQouFcGNayoLe2MSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo6M-UzoD43eJUcAA&ui=9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8&pi=/&wi=-2142418538647094111&pt=home&vi=1698238568790&
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
https://www.zahav.ru
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/wallail-zahavru/log/3/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/3/abtests?route=AM:AM:V&tvi48=11593&tvi50=11820&lti=deflated&ri=c37c83420801ffaf41d2773b5ff91a1b&sd=v2_fa71077458fca15124314b69ef80f1c6_9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8_1698238568_1698238568_CIi3jgYQouFcGNayoLe2MSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo6M-UzoD43eJUcAA&ui=9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8&pi=/&wi=-2142418538647094111&pt=home&vi=1698238568790&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1698238570892%7D&tim=14%3A56%3A10.893&id=4801&llvl=2&cv=20231025-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
e47e3d51-f8f9-40e3-8450-d772f4732dc3
ressaymonstives.com/impression/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ressaymonstives.com/impression/e47e3d51-f8f9-40e3-8450-d772f4732dc3?site=wallail-zahavru&site_id=1519778&title=%C3%9Cberraschende+K%C3%BCchenrenovierungstrends+2023%3A+Enth%C3%BCllen+Sie+das+Unerwartete%21&platform=Desktop&campaign_id=29018997&campaign_item_id=3838073655&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fae062c328c01fa5b853497f7c3c711ab.jpeg&click_id=GiC3Um-79PP4ksQApmEf0rA_4cPdbWE5x-qg9CAXBXwrXCCSsVwo0d2oh5rGopGCAQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.23.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-23-231.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
no-store, no-cache, pre-check=0, post-check=0
server
nginx
expires
Thu, 01 Jan 1970 00:00:00 GMT
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:10 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
3
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1698238571.975426,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
78
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
5
almoni-neue-aaa-600.woff
www.zahav.ru/public/font/almoni/ 		58 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.zahav.ru/public/font/almoni/almoni-neue-aaa-600.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.86.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-86-11.fra60.r.cloudfront.net
Software
openresty/1.15.8.3 /
Resource Hash
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 14:47:49 GMT
via
1.1 google, 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 19 Oct 2023 15:17:56 GMT
server
openresty/1.15.8.3
x-amz-cf-pop
FRA60-P6
age
338901
etag
W/"e954-18b4883c0be"
x-cache
Hit from cloudfront
content-type
font/woff
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
59732
x-cached
MISS
x-amz-cf-id
Rj0rSLJtk-glLVqHroLfDw8LJXpmSVbgAkCq588DsFHzzXuq_fmXEg==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5D24 		624 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNWzKT0gzLFrvJECQfKS5q6LxXkhN-FIOGUVvtFcK5Z8FX6Db_omkCDq0gXNfU6Jc-Rgv-7Vf4h4h9uh_Qo-eyis5xA0zjPTkNGIafXFnJE0bly8Lnz7i6iLzZ5uPbgBctjMhgZF5HroYIgY_-Bj7ueeWbX7xld5ukXsvOcjc7Nvc6zol20
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame DBF6 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Origin
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 07:14:36 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame DBF6 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 00:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
44712
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:30:59 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame DBF6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:42:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
47602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:42:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DBF6 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame DBF6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 74C8 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame DBF6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DBF6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BFG4ukYzqOE11XPfqS36meGMKZrU10H2AIxHMK70P-KmqGaXWW0XU7-q_BrHc5dZJ8ydwWyumqQtLPHwTJRanzLMsSQ3hJyaAvX0YCv_mWdYkfs0E
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame DBF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRr12Cmv72c2H-4bDjV6bdBUvi2_Lxa_iEjpV8YoZlLsqhSNESOhrJTqDemK-p-vTpZVO5hEi-2b2-1vkluaStBx368cg
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DBF6 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 810F 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNXlwHjZYTWn43oMdvILtZpfOA5kZ5mXtD-rIdnmc84tHGAsKFe-fLLDY4b3T2BXg0Kn2T2eQze7GjP1vCv6W1PaexRmvUQPPBjicHUfB2RK9vuROIQx7Ohg-qjYwDBtykDIkrS8k-SPy5HpRxUwMTENpFUgMYXlFs2FC5cvWqJDZUAkXLo
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1A78 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A78 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DQWubXYGRlboQE0FDuBROgupCQXh8qyXU8utzK8XPZZqCczBKYbKCV3IQYULo3_YYg51wHR-kd2qTE2QNzpwwsMn_d72gYi2NPNLRwakZxZ_2HbjI
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A78 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12541189012254687052&x=1&ct=76
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1A78 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1A78 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
l
www.google.com/ads/measurement/ Frame 1A78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1lv9IMpMD0jy5VYGTY3WLBBv6IbvQ-hJ6RO4U5Bu44T17PrexhvfJWAGWN9f-g884tLHAOGHWAX-UcXjRNzKAH3QR9g
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A78 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 42B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvCj6aRA5ZaOiCPGgjuwPyYSOgALJntKxXMWymPdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ0OTE2NTk0OTYzNzIxNzLIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgSkAk_Q6_98Sz3Pf3F7eP2GfimKTryrQwCTRiIHxQiA47pF9SpZvOj9ruPe5ho_4LzvB03jwvpQw55OuboVXxfKKK6-hoBq1Ubtj4MU743noJSDmakDAKYWmR2N5AEzQaRUdWZ2qaO5zZeerQTafd6KrbVeH844jMLPbOO9OJCFeWIy1iwVyGdmrGveIl9z20Ey_okTKgSqRRDoriJUZgU-Pgr6ATWS1NKMZiTtieCY3YrI9e81vXlEDPW1tHe0irLlo6Cr_3VLmeVo_NXSAvo-QvlyLQR8OvX1P659PwRSSMRRDRVtNEUEZRnFhyLWUDdgf7ONlMG1gD404yGSP3izTEAzNI9sE52Vuz1OcIQ0ciS46nFAYOPq_vCv54AoElGRoY78WTngBAGABqa0562IoPjCUaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDkxNjU5NDk2MzcyMTcyGPHmEw&sigh=vR-kt9mHQ_8&uach_m=[UACH]&cid=CAQSTADICaaNqmjaEkSPxGO1lPT2gCIKKNdXz9r_UafxqrEovbG1q822w605kRpUxSx6av-76ZHEg6AHLBDuM3hJ0YdbqWTXx2GV_wLi0n0YAQ&cbvp=2&vis=1
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 42B4 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k4DXFcvTaOADrwGdg2ICAgAAAI9v_qchM8M6UwfGnDwtHg8QaRA5ZWZwwX6rd3O308YAABIAAAoKQVFVQkR3RVBEdw&wp=ZTkQaQACESMHg5BxAAOCSXBZEJD8DmmA7-4_JQ&cbvp=2
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:10 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
151333
server
Kestrel
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame FC72 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWGd78736nPVtvetVCbjW58w2_ceLjACiYctZcfGSsGPE9oFOiOZmbndpdM_0KiQwdmb4pbyeLVmzI1JBl1uUr_1tTCwyNJ0z3wOfYoaqzUpymP0xV_9apKcf9wp0NUYtBPxZyaEGPZPh6K0C9zzs-51dKMpGy2II7OVGXxzEGiWeifDrE
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame DCB2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCB2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DgLV-B0Q7IAtkK4dsOivMUvKkaT3v55WMSTV0GNmSrxoXdxEcaynCO5tDkfF0tm7qARGP8fFq-WMT0SvU5yzU38vtTsENeBJn_oOHFBZ6m3G9aiiw
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCB2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5437148198146636459&x=1&ct=76
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame DCB2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame DCB2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
l
www.google.com/ads/measurement/ Frame DCB2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSi93fJllhywRoVQWLRnjH99zJfYCvUWvf5yYQLlJJCkkYtx9j0ONEO-vxChzx6IQkarrwUXf5Jqhv5M4HupWTogxTBYw
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DCB2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 49FF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310240101/pubads_impl.js?cb=31079134
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 12:56:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E0E4 		624 B
285 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjTuKTlATAB&v=APEucNVskw9XiiR4ItGpVKaeUZhLEcsJBesirTJtnHb_6cBv4y0IeiS4qJXh1zYlo5Ur1s1JVqzeQQTwWtu_0HAE-tGjt6b5MYMDG1DsHviyjugVCpWebQbudy5bf-lJwTKJ_-VOUdBFA33QgNLuUmEtPBAK_Y-X_3dCy1BlfFrVBdj5ImX4eoM
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1149 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Origin
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 16:21:57 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 1149 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 00:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
44712
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:30:59 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 1149 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:42:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
47602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:42:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1149 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1149 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4877 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 1149 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1149 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AQ4Z495QejPlY8oxRZk_Lwze2krcGPKrMItFiDCf3fOrCC715KDQi4ZzflkihyrE6RcSl8bMn54TvUEnhCrfNjgkUSwui3jSfThPWHl2FS51bvWNY
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l
www.google.com/ads/measurement/ Frame 1149 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRBXwT-iigSTtRtS-foBvKTgvXxW1oZ9CO7Lz-npgFve9gyLiiMNBen_A9t5BzIx-ZynXAiesqzVBFIT3EIW5epK_DuAA
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1149 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 706D 		640 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXDDN-tQUixL5EaC9MG7KoYuZOjEnjxXkV3Z7hgOfI9GzHnKaktfJ7rZD0b4u4FDX9dfmzilSVHMVG2AxCGeOtqlkMw2yxtNOuoZjuHPDRuIXHOsPmtS3BLdX8j5V-Ee9FFjAEURBc4C8tTM4qib6KGlEY8AauKV6ruAZrVfgGk192lXpQ
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 647C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 647C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A0qy1rHPrv2Eti_ogtJYX0-8mBTZZI4-XP4SD4MgxY9xia9v80_yrqL15xhH4cufGr66-dgg41qsuX5pgMjGtztPKDErmnj3lktraE3CaoywtJsjU
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 647C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2065509241962634852&x=1&ct=76
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 647C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 647C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
l
www.google.com/ads/measurement/ Frame 647C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9zkjuC1j_ALj3AeOkj4JQDP2hOy_FrD7OPqMbAAsXOkIZfhn1_l_TZRTp1xyGoNoKLA9afUPEfpXxyaB0vR2v_RChhg
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 647C 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 257F 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNUTMd8DPOrXe2kx6t3E2uxbz6gvnPv9LwftxHfYLEKwjowY42AEW4l2om-6v79bf6eKk6L7SAz0QV_vqlpwQahxrCehaL8-Rk24NgRAmxmRIlZ2KGep5CYmYNQXZPNP9SsBH34vmSjd_V_dsuqaVY14AKVoXHsw9c9fdQUQIjbV0OCuDfE
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3DA1 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUwA7bNOh8ebqFfWPf2D6Q14ZgJSp254OEdnYjSJC_4DgSiQO83C6AZcK_uHbA-QpbB6qG4HXaNRCkazc2z5uaAW7siKtj0MoSYsl4z-E6AqSf_x8
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12028398269549882445&x=1&ct=77
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 3DA1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 3DA1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
l
www.google.com/ads/measurement/ Frame 3DA1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS3bAq4uUf9iYszd2n7bIHpG8YBvaHxX4q9yXiZQi4m3OAbEn-ZVAZjWBkeD7lskxLWnG352vgarFrLWi5KFVzPp91xJQ
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3DA1 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9F14 		640 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNVhMOCYe6ImbRIP_vQtYunRQdnzGtOLqI92qmEAAFOgCDy80L9FOfm3eXdVO49uACuoC1EzA95GL0e4KirPV7EWcTCg36bN1e4AEoBMt0B55dr0cWpaYhBkPN4_qqKo89BceZhAHX5A6rPLwQ1EiUPGOtc1PzSIqGAp-oWgFTuP_LOhhL0
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame FF4D 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Origin
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:14:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20495
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 07:14:36 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame FF4D 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 00:30:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
44712
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 00:30:59 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame FF4D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite_fy2021.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:42:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
47602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9137
x-xss-protection
0
server
cafe
etag
5200559654007170660
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:42:49 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame FF4D 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame FF4D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 38A5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46744
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame FF4D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FF4D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmEXADUKjmL2xWgHaYhcmeiLk4nkxH0HvfF3bCq4HzAYXYOZCp0MC2TgTsj42wkbwOkEy3RvxION_sVuR-5cekdt5FgnteoY0j617-C515I5O2DxE
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FF4D 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FCC1 		466 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNXC226dtO2DU8G18-Ab6QI5xi0nuUE0BODfh_-XS0YPZaINyzJSCTYTleEyPUG5Cbpaudy6r3asldsNTb0BbZE5uZAkjeeASZOc5qn4hciViBd60FnIb1CAJEVOw37Bek-9URX9wpgyQz-vRE9a1xaVa8aCyKIdxClyL7bDYNvxDb5ddN4
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
215
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2ED2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31491
x-xss-protection
0
server
cafe
etag
6167930392490353973
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1vpMll08agxdeDaOFdD7BYBEFt1aPlcMPDAiR8oXPCs0VtJvkySj5a9Qro2VNAr87_nBSVwGeNg3rCK4kpS4f3WD4QnX-gPsjY_E9mz84btcChZs
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8267670395138575298&x=1&ct=77
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 2ED2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 2ED2 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
l
www.google.com/ads/measurement/ Frame 2ED2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJW1XO8ok04mgIq_yNpvEQKJfGGMSWgu_kiyGoZlwgWNF9uUbJD1K6X7Fc4-IzD4JD7wYbJdqop-MMrmiMtEc75XPCkA
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2ED2 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 790F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31079109
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 12:56:11 GMT
non-responsive-widget.20231025-5-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/non-responsive-widget.20231025-5-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/wallail-zahavru/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc5e78f2a9559d219b2da52930c2a4cdde5b20db54fc08f49c0ff7c6569499ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
qOXGykHb8MO_XH2bTHkM9iyEYkYIJ6IG
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:11 GMT
x-amz-request-id
EJFFCKAJ7RC6GH3G
age
6937
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5644
x-amz-id-2
aedk3QqMDCHX9OxrwbG9WZY3ImiF4PXM1ATapY0W1FLUZCuzUVXPq0roKy79oDour/sIKmMcSLY=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 25 Oct 2023 11:00:34 GMT
server
AmazonS3
x-timer
S1698238571.259137,VS0,VE0
etag
"76d883c76694f1f809bea7eb87a1a53a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
91
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.322&type=usage&msg=New_CTA-event-1698238571322&llvl=2&id=8894&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~8766261356742471917~~BIvnPTA4LivBt%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.323&type=usage&msg=New_CTA-event-1698238571323&llvl=2&id=8258&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~8766261356742471917~~BIvnPTA4LivBt%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.324&type=usage&msg=New_CTA-event-1698238571324&llvl=2&id=4992&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-6449746333578128162~~lF8TpkNVfT6f%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.324&type=usage&msg=New_CTA-event-1698238571324&llvl=2&id=4706&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-6449746333578128162~~lF8TpkNVfT6f%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.329&type=usage&msg=New_CTA-event-1698238571329&llvl=2&id=4765&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-1743712197967676867~~jNpO8jKhK7nh%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.330&type=usage&msg=New_CTA-event-1698238571330&llvl=2&id=6207&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-1743712197967676867~~jNpO8jKhK7nh%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.332&type=usage&msg=New_CTA-event-1698238571332&llvl=2&id=8264&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~4780858272251288133~~ZY37HvwhQFgXK%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.333&type=usage&msg=New_CTA-event-1698238571333&llvl=2&id=7635&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~4780858272251288133~~ZY37HvwhQFgXK%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12183
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.359&type=usage&msg=New_CTA-event-1698238571359&llvl=2&id=5374&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~7237851664169127147~~RnKyufyzUdEhK%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12037
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.360&type=usage&msg=New_CTA-event-1698238571360&llvl=2&id=8028&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~7237851664169127147~~RnKyufyzUdEhK%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12037
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.362&type=usage&msg=New_CTA-event-1698238571362&llvl=2&id=9552&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-730738813456301348~~nKsVCuzhWFx96%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12037
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.364&type=usage&msg=New_CTA-event-1698238571364&llvl=2&id=521&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-730738813456301348~~nKsVCuzhWFx96%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12037
61eb4ec9e95795260dfc24612cc5cfea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61eb4ec9e95795260dfc24612cc5cfea.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa9b83421ee1d50fff5a187e72464ea8bd33d44171ee8ceb70e3e2ab77de0b45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61eb4ec9e95795260dfc24612cc5cfea.jpg
age
1165435
edge-cache-tag
414186718242799025182655711897975993814,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
414186718242799025182655711897975993814,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
500
req-referer
https://www.freenet.de/
content-length
4126
x-request-id
1db0b040beae3b85504efd36820e306c
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100095-IAD, cache-iad-kcgs7200072-IAD, cache-sna10736-LGB, cache-iad-kiad7000159-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 10 Sep 2023 22:10:26 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=5567,owidth=1000,oheight=600,obytes=519452
x-timer
S1698238571.376487,VS0,VE1
etag
"6212b6d81139f55a4e7f9f7e559b8493"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 48, 1
Progetto-senza-titolo-34_uid_6357e916ea6f7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/10/25/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/10/25/Progetto-senza-titolo-34_uid_6357e916ea6f7.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ab9e1311f35c6c3a1da2754a2f437d13ee78f688f9827b6e4d67ee8d1e3bde1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
6
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/10/25/Progetto-senza-titolo-34_uid_6357e916ea6f7.png
age
590904
edge-cache-tag
364919113585943718211688699135906020553,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
364919113585943718211688699135906020553,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
525
req-referer
https://www.freenet.de/
content-length
4656
x-request-id
9fc1fefeaf3775abc6672d7d63530b54
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kjyo7100031-IAD, cache-pdk-kpdk1780073-PDK, cache-iad-kcgs7200170-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 03:06:24 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=11040,owidth=600,oheight=400,obytes=207812
x-timer
S1698238571.375629,VS0,VE6
etag
"9b04823de103c3a00dd3ea6648a7260e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
e1682c08a66790b3dd5e290794e992ad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1682c08a66790b3dd5e290794e992ad.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c42f56902b30c8fcabe337e9af8b3fb5192647090c13b70aed65a84063a2396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1682c08a66790b3dd5e290794e992ad.jpg
age
189785
edge-cache-tag
501036193995181478893652146390213979240,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
501036193995181478893652146390213979240,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
273
req-referer
https://www.freenet.de/
content-length
3138
x-request-id
2c1ae7aafcb73543285adc3f491bdde6
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kjyo7100051-IAD, cache-chi-klot8100068-CHI, cache-iad-kcgs7200132-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 22 Oct 2023 07:38:11 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=5954,owidth=1344,oheight=768,obytes=138604
x-timer
S1698238571.375765,VS0,VE1
etag
"c14590feca79eb9ed0d65f42c2ad76d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
28531283662dc5d8d601e1f3edfe2b9c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/28531283662dc5d8d601e1f3edfe2b9c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e048207576a53281ae094c062f13dbcd6da5f9c8cc0ea82cf2dfe70e4bb192d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/28531283662dc5d8d601e1f3edfe2b9c.jpg
age
1217804
edge-cache-tag
369746666607864902838111539303277015598,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
369746666607864902838111539303277015598,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
996
req-referer
https://www.tippsundtricks.co/
content-length
8204
x-request-id
b03f51674e1da551035588133726b8fe
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000044-IAD, cache-iad-kjyo7100115-IAD, cache-iad-kiad7000083-IAD, cache-fra-eddf8230021-FRA
last-modified
Tue, 10 Oct 2023 14:58:18 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=13288,owidth=5120,oheight=2880,obytes=3533924
x-timer
S1698238571.376172,VS0,VE1
etag
"b3e13637ed697c0b54f0c07b4303b158"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 1
84006304b8dbd0112bf4b9ef13b6a693.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84006304b8dbd0112bf4b9ef13b6a693.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1af4f17cd60a4ec9af0035c1f678cfb2d6a4ba307dd1a628a0807ff91d8ceb4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84006304b8dbd0112bf4b9ef13b6a693.jpg
age
1812153
edge-cache-tag
443934847335128928282202951359553798739,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
443934847335128928282202951359553798739,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
133
expiration
expiry-date="Wed, 06 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.faillissementsdossier.nl/
content-length
6328
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kjyo7100116-IAD, cache-ewr18165-EWR, cache-iad-kjyo7100089-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 06 Aug 2023 07:31:01 GMT
server
nginx
x-timer
S1698238571.376150,VS0,VE1
etag
"a6d70d470b0b2b11047d2e07b0313289"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 10, 1
13c3932c16f6aa989cf72fdf546df66e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13c3932c16f6aa989cf72fdf546df66e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38d832da671338ea8eda3b4f7f717cd30c7afe6ab7af0324f4ae4d5a8325be50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13c3932c16f6aa989cf72fdf546df66e.jpg
age
1285143
edge-cache-tag
390980409048198071175292984716379300051,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
390980409048198071175292984716379300051,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
438
req-referer
https://www.freenet.de/
content-length
4698
x-request-id
dddf21cd862f816aab8fa2d56468c355
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200121-IAD, cache-iad-kjyo7100178-IAD, cache-sna10744-LGB, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 09 Oct 2023 14:35:28 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=6340,owidth=612,oheight=408,obytes=32048
x-timer
S1698238571.376134,VS0,VE1
etag
"2b27d5502dbb142aff325144d9ec7fee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
1fc45c63f8554cb95bc42a3d6415660d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc45c63f8554cb95bc42a3d6415660d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61ddc98fd77a7634818e8f407b2de1c82039a93734c9e8578385e99565339266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc45c63f8554cb95bc42a3d6415660d.jpg
age
664521
edge-cache-tag
609791959766936600902791546229196768398,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
609791959766936600902791546229196768398,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
39
expiration
expiry-date="Wed, 27 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cbsnews.com/
content-length
1724
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kjyo7100156-IAD, cache-iad-kiad7000118-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 27 Aug 2023 01:15:45 GMT
server
nginx
surrogate-reporting
width=200,height=112,owidth=1000,oheight=668,obytes=387533
x-timer
S1698238571.404988,VS0,VE1
etag
"43ed273bdef441cc4d4f31267e5352f9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7, 1
f1f771d5eb81627e6dc964e1ab1a8e6f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1f771d5eb81627e6dc964e1ab1a8e6f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e45890c6677e347859c6190acbfb721d161b02e583983b098d8271b8f7420345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1f771d5eb81627e6dc964e1ab1a8e6f.jpg
age
3195220
edge-cache-tag
427548063698574527810860439746101835839,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
427548063698574527810860439746101835839,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
344
req-referer
https://www.karlsruhe-insider.de/
content-length
3006
x-request-id
a20f8bf480655cf0b88285f81c304e16
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100055-IAD, cache-iad-kiad7000025-IAD, cache-sna10735-LGB, cache-iad-kiad7000115-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 18 Sep 2023 10:46:32 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=4292,owidth=1200,oheight=800,obytes=590801
x-timer
S1698238571.404796,VS0,VE1
etag
"c15e060de4c67e2b2a5b45ee7c769a40"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 56, 1
3540353-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/4/0/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/4/0/3540353-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a2000abab5cc7c611a70982a43702aa7d8cc0cc151a35eedc47b7589e45bf141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/4/0/3540353-46.jpg
age
575688
edge-cache-tag
422403758396827375706965959900416457778,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
422403758396827375706965959900416457778,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
879
expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.zahav.ru/
content-length
18740
x-backend-name
US_nlb102
x-served-by
cache-iad-kcgs7200109-IAD, cache-iad-kiad7000089-IAD, cache-iad-kcgs7200158-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 02 Oct 2023 10:38:53 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=33540,owidth=1080,oheight=606,obytes=140763
x-timer
S1698238571.404750,VS0,VE1
etag
"4c4dffac8d8856f2fec05af94dc1c7b4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
3360158-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/6/0/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/6/0/3360158-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55ff2ac1b932443cc0d8a4565f2cddd09d499d83984b24350abcc95623bfd8d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/6/0/3360158-46.jpg
age
575228
edge-cache-tag
297082701564597197171650868274731455135,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
297082701564597197171650868274731455135,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
2543
expiration
expiry-date="Sun, 22 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.zahav.ru/
content-length
14260
x-backend-name
US_nlb105
x-served-by
cache-iad-kcgs7200076-IAD, cache-iad-kiad7000096-IAD, cache-iad-kiad7000125-IAD, cache-fra-eddf8230021-FRA
last-modified
Thu, 21 Sep 2023 06:52:30 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=24374,owidth=1200,oheight=673,obytes=106326
x-timer
S1698238571.404763,VS0,VE2
etag
"f38732034f5e162f1f63f2bf60db6051"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1
ae062c328c01fa5b853497f7c3c711ab.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae062c328c01fa5b853497f7c3c711ab.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c10b833e48d8d5539007bea8c010670e39582aa80bb4c3d1de7174e809f7f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
704
date
Wed, 25 Oct 2023 12:56:12 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae062c328c01fa5b853497f7c3c711ab.jpeg
age
0
edge-cache-tag
510668585916823868737192866904582775522,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
510668585916823868737192866904582775522,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, MISS
x-envoy-upstream-service-time
573
req-referer
https://www.zahav.ru/
content-length
5752
x-request-id
39a0434509966b1dac54ba8943cb9574
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200142-IAD, cache-iad-kjyo7100079-IAD, cache-lga21923-LGA, cache-iad-kcgs7200141-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 18 Oct 2023 14:31:35 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=10027,owidth=1000,oheight=667,obytes=633045
x-timer
S1698238571.404426,VS0,VE704
etag
"a14fccb8aa3c67c15fc3dcc145d4661c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 0
ade409932065ae874e2286e7cd5bda59.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ade409932065ae874e2286e7cd5bda59.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e06a01ff863b19fff735f26c582b800ca396ec26df4fc6c8031a8f3caaa4c9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
90
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ade409932065ae874e2286e7cd5bda59.gif
age
4021
edge-cache-tag
410525681661481829585333891681888905716,614524799708851957906337891690524885031,29ecf9b93bbf306179626feeda1fab70
cache-tag
410525681661481829585333891681888905716,614524799708851957906337891690524885031,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT
expiration
expiry-date="Fri, 08 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
258449
x-backend-name
addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kiad7000157-IAD, cache-iad-kiad7000157-IAD, cache-fra-eddf8230021-FRA
last-modified
Tue, 08 Aug 2023 06:18:57 GMT
server
cloudinary
x-timer
S1698238571.404447,VS0,VE90
etag
"0b4015bb6ec93a2a51896ec93a40ae52"
vary
ImageFormat
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2044, 1
bd2d825621ffeed5d210276005224038.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd2d825621ffeed5d210276005224038.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e64ffcbfadf8294589670bf28de0f2318eee59c3628665d2308a04b52d21a7fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd2d825621ffeed5d210276005224038.png
age
1413913
edge-cache-tag
291455565175375282929095824062268235737,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
291455565175375282929095824062268235737,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
78
expiration
expiry-date="Fri, 27 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://adeptosdebancada.com/
content-length
2076
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000088-IAD, cache-iad-kiad7000041-IAD, cache-iad-kcgs7200167-IAD, cache-fra-eddf8230021-FRA
last-modified
Tue, 26 Sep 2023 23:44:34 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=3244,owidth=1344,oheight=896,obytes=1258105
x-timer
S1698238571.416586,VS0,VE5
etag
"e34838d886c724a8461481e0f663c3e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 66, 1
rum
dsum-sec.casalemedia.com/ Frame 5D24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNWzKT0gzLFrvJECQfKS5q6LxXkhN-FIOGUVvtFcK5Z8FX6Db_omkCDq0gXNfU6Jc-Rgv-7Vf4h4h9uh_Qo-eyis5xA0zjPTkNGIafXFnJE0bly8Lnz7i6iLzZ5uPbgBctjMhgZF5HroYIgY_-Bj7ueeWbX7xld5ukXsvOcjc7Nvc6zol20
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5TMxoIjQlKkaKsXg8thp0snkM3K6mKJqAfs4PVf%2BsfYuK%2BXfl0CE%2BcToIyJiLBniKKOQLYj23QQZl2Pj5b9YA%2FNirGcE6knD7n%2B1DzLLSUNwJUbKRE5wj167nhyoy70139nFvvkYfVD2%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4019a09110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5D24
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNWzKT0gzLFrvJECQfKS5q6LxXkhN-FIOGUVvtFcK5Z8FX6Db_omkCDq0gXNfU6Jc-Rgv-7Vf4h4h9uh_Qo-eyis5xA0zjPTkNGIafXFnJE0bly8Lnz7i6iLzZ5uPbgBctjMhgZF5HroYIgY_-Bj7ueeWbX7xld5ukXsvOcjc7Nvc6zol20
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fxZ1FWnPW%2B7tjS141%2F7vDGqkQwxLHtg%2FoMZySKd9GddnZIS0svwf%2F9Y8eCqcuPxNpaUa7J4vG%2BQqKHHWEGgDJfC4H3BUJmZqPzwyTb8kx4ZJGuqXqIcYaViavZ8vrp9wEHms3HK5s3C9Iw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4059e19110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 5D24
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNWzKT0gzLFrvJECQfKS5q6LxXkhN-FIOGUVvtFcK5Z8FX6Db_omkCDq0gXNfU6Jc-Rgv-7Vf4h4h9uh_Qo-eyis5xA0zjPTkNGIafXFnJE0bly8Lnz7i6iLzZ5uPbgBctjMhgZF5HroYIgY_-Bj7ueeWbX7xld5ukXsvOcjc7Nvc6zol20
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
f6d0e28b-4bc3-468f-b367-fa25b227e55f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
28aa0723-b9c6-4a0f-8926-39b0381f6e0e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5D24
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIYmq_V5gEwAQ&v=APEucNWzKT0gzLFrvJECQfKS5q6LxXkhN-FIOGUVvtFcK5Z8FX6Db_omkCDq0gXNfU6Jc-Rgv-7Vf4h4h9uh_Qo-eyis5xA0zjPTkNGIafXFnJE0bly8Lnz7i6iLzZ5uPbgBctjMhgZF5HroYIgY_-Bj7ueeWbX7xld5ukXsvOcjc7Nvc6zol20
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
4e7da811-2e5f-4b5a-909c-9cf642974a60
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FC72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWGd78736nPVtvetVCbjW58w2_ceLjACiYctZcfGSsGPE9oFOiOZmbndpdM_0KiQwdmb4pbyeLVmzI1JBl1uUr_1tTCwyNJ0z3wOfYoaqzUpymP0xV_9apKcf9wp0NUYtBPxZyaEGPZPh6K0C9zzs-51dKMpGy2II7OVGXxzEGiWeifDrE
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTN4JBwSTWcpWGFeKUlOq0ScnjMh%2B7Gi9NPPorcpTfnZMxMvmRFwWRDohwH7nYBEda3EzEl8keFv5qLAOMXY%2FBxqyaFQ31MvStzGR0y%2FIM2aK7dv%2FfOMRumgrQv2PZWRe%2B3HsqgDoosuag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e40198d9110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FC72
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWGd78736nPVtvetVCbjW58w2_ceLjACiYctZcfGSsGPE9oFOiOZmbndpdM_0KiQwdmb4pbyeLVmzI1JBl1uUr_1tTCwyNJ0z3wOfYoaqzUpymP0xV_9apKcf9wp0NUYtBPxZyaEGPZPh6K0C9zzs-51dKMpGy2II7OVGXxzEGiWeifDrE
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOOfKGuLGwENqzri3dDamdXWD%2BeBfmqA8b385F1M3JzPWLRysVwikwMbO8HUYY%2FJlnfFqSU9dymrUBkUZk2yxhxWUXy1jtonuRkyEhiPmIU7LTyxC7COyu0OoK1yxGwEgxB%2FTWBVR7RNDg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4049d09110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame FC72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
43 B
895 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWGd78736nPVtvetVCbjW58w2_ceLjACiYctZcfGSsGPE9oFOiOZmbndpdM_0KiQwdmb4pbyeLVmzI1JBl1uUr_1tTCwyNJ0z3wOfYoaqzUpymP0xV_9apKcf9wp0NUYtBPxZyaEGPZPh6K0C9zzs-51dKMpGy2II7OVGXxzEGiWeifDrE
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
46cb6cf5-ea3e-47c3-a41a-8fe1dc6eb9f1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
dc9f7f77-35f4-461d-a86c-25eba335c1c1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC72
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNWGd78736nPVtvetVCbjW58w2_ceLjACiYctZcfGSsGPE9oFOiOZmbndpdM_0KiQwdmb4pbyeLVmzI1JBl1uUr_1tTCwyNJ0z3wOfYoaqzUpymP0xV_9apKcf9wp0NUYtBPxZyaEGPZPh6K0C9zzs-51dKMpGy2II7OVGXxzEGiWeifDrE
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
a7a591fe-ca52-4133-b764-ef6976ec48d9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 810F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNXlwHjZYTWn43oMdvILtZpfOA5kZ5mXtD-rIdnmc84tHGAsKFe-fLLDY4b3T2BXg0Kn2T2eQze7GjP1vCv6W1PaexRmvUQPPBjicHUfB2RK9vuROIQx7Ohg-qjYwDBtykDIkrS8k-SPy5HpRxUwMTENpFUgMYXlFs2FC5cvWqJDZUAkXLo
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zk6U16yXQ9xu9BECaWDVbK2Ml5gWVg%2FaqNPrIWi0hp9SzdG8SzPTdKXPRyIfLeu3x7QWaCk3jAuMkQDsq70HSEONWPiD0Rb9j89myojEaE4rAnoSmHreXboND926EwlLjTu%2BY41ENN2Bsw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4019a99110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 810F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNXlwHjZYTWn43oMdvILtZpfOA5kZ5mXtD-rIdnmc84tHGAsKFe-fLLDY4b3T2BXg0Kn2T2eQze7GjP1vCv6W1PaexRmvUQPPBjicHUfB2RK9vuROIQx7Ohg-qjYwDBtykDIkrS8k-SPy5HpRxUwMTENpFUgMYXlFs2FC5cvWqJDZUAkXLo
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CgQpkHzvAeCS6hUx%2F16DGMFPeoE2T845IrasVoB06jSiPEHOV1CBreaBVpHeH7h613z4mG6k0tGQsH0FMA9%2BM%2BQM42CdZA4Hj2%2F47F9LQiRd6Flb5XtdVHOdniV7tfbPvFdDUJjJf4%2FeNw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4049d49110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 810F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
43 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNXlwHjZYTWn43oMdvILtZpfOA5kZ5mXtD-rIdnmc84tHGAsKFe-fLLDY4b3T2BXg0Kn2T2eQze7GjP1vCv6W1PaexRmvUQPPBjicHUfB2RK9vuROIQx7Ohg-qjYwDBtykDIkrS8k-SPy5HpRxUwMTENpFUgMYXlFs2FC5cvWqJDZUAkXLo
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
b9795597-5668-41e8-bf74-67722ab79bd0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
fffac7d8-a04c-46f2-aa20-8d6b8e95f8c8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 810F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGNSHw-ABMAE&v=APEucNXlwHjZYTWn43oMdvILtZpfOA5kZ5mXtD-rIdnmc84tHGAsKFe-fLLDY4b3T2BXg0Kn2T2eQze7GjP1vCv6W1PaexRmvUQPPBjicHUfB2RK9vuROIQx7Ohg-qjYwDBtykDIkrS8k-SPy5HpRxUwMTENpFUgMYXlFs2FC5cvWqJDZUAkXLo
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
cd4bde62-de6c-49cd-9530-98c08490054f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E0E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
741 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjTuKTlATAB&v=APEucNVskw9XiiR4ItGpVKaeUZhLEcsJBesirTJtnHb_6cBv4y0IeiS4qJXh1zYlo5Ur1s1JVqzeQQTwWtu_0HAE-tGjt6b5MYMDG1DsHviyjugVCpWebQbudy5bf-lJwTKJ_-VOUdBFA33QgNLuUmEtPBAK_Y-X_3dCy1BlfFrVBdj5ImX4eoM
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTUupZOKMmuCITaQoTIblR%2B7%2FET1Fbjbx%2BJYtvqy6aGblvVj5bDRYMt%2Fr9Cdzid%2BbjYRpycLP6BtJ5jw2o7V9u4wmNK%2FTbO7MsWvlPZvK93Cr%2Buu%2FOjypu%2FTCurD5IA6g4vatc0opUPyWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4019a59110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E0E4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjTuKTlATAB&v=APEucNVskw9XiiR4ItGpVKaeUZhLEcsJBesirTJtnHb_6cBv4y0IeiS4qJXh1zYlo5Ur1s1JVqzeQQTwWtu_0HAE-tGjt6b5MYMDG1DsHviyjugVCpWebQbudy5bf-lJwTKJ_-VOUdBFA33QgNLuUmEtPBAK_Y-X_3dCy1BlfFrVBdj5ImX4eoM
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7qLjVBiFD844%2FknP9%2F%2B9AugnG5%2Bpyt6YJDZn73SgyF5y90IK9GRZlRRBQ6T8DDPAvj8ma0PSrl56mkT4rmL8Rzzj9ODtljKPUzA3hWgPzNuybOJ4ohamtuIzOuZDM9sZ02tooYp9xlABg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4059e29110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGdg_8SnG_7kpYHt-ifrxA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame E0E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECDHQ5_JvBnCbtzlOuXhv84&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
43 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjTuKTlATAB&v=APEucNVskw9XiiR4ItGpVKaeUZhLEcsJBesirTJtnHb_6cBv4y0IeiS4qJXh1zYlo5Ur1s1JVqzeQQTwWtu_0HAE-tGjt6b5MYMDG1DsHviyjugVCpWebQbudy5bf-lJwTKJ_-VOUdBFA33QgNLuUmEtPBAK_Y-X_3dCy1BlfFrVBdj5ImX4eoM
Protocol
H2
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
7897bd43-da5d-4953-adbf-454c864ae704
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
c988b79f-4481-4986-8f98-56725039aa5e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECDHQ5_JvBnCbtzlOuXhv84%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E0E4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNj8mwIQq6iuAhjTuKTlATAB&v=APEucNVskw9XiiR4ItGpVKaeUZhLEcsJBesirTJtnHb_6cBv4y0IeiS4qJXh1zYlo5Ur1s1JVqzeQQTwWtu_0HAE-tGjt6b5MYMDG1DsHviyjugVCpWebQbudy5bf-lJwTKJ_-VOUdBFA33QgNLuUmEtPBAK_Y-X_3dCy1BlfFrVBdj5ImX4eoM
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
e76da704-d525-4a1c-a11c-88e0b84e4679
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 991A 		49 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Requested by
Host: 4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
URL: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3d431fd4365112cd8ed3c74e380f8cd2002aca023613b0b481f1a58dd03f87c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:10 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=2QXS3czbF5zHnohXqMlUhECyPVzPFrHMAN3_s4CQoAwflIPNlNA95OULLjoMRc7Mdnf25k9zLNEa37MdnjVdREc_gw7VlpYqy7DI4WlmloCpVdhPojaRrmd2jLXhBbNajexHLCCIMzgH--1keebGfQQUTNhHDcSVJgx8VlqI3ZDf34MIvnoQGy-VKQKFfe-QNqrpQN_FD-CPyxfhN51XvJq6_31AX6i_ujLUjph4pTwUlZJH3Q4zWzRUrAck5iu6SZxgCg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
2822207
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame CEA3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
URL: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame CEA3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
URL: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
l
www.google.com/ads/measurement/ Frame CEA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTivNdp5moJi62OKchjKeiwv2ms0QAcIgUziTvQU9a7u2jECS9l8rOf4LK4B-sNzDhzmXUy
Requested by
Host: 4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
URL: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CEA3 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
URL: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
454922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CEA3 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
URL: https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.540&type=usage&msg=New_CTA-event-1698238571540&llvl=2&id=9460&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-7507013363830996236~~vosBYe3NlsFh%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12019
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.545&type=usage&msg=New_CTA-event-1698238571545&llvl=2&id=7794&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-no_link%22%2C%22itemId%22%3A%22~~V1~~-7507013363830996236~~vosBYe3NlsFh%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12019
sd
us-u.openx.net/w/1.0/ Frame 706D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXDDN-tQUixL5EaC9MG7KoYuZOjEnjxXkV3Z7hgOfI9GzHnKaktfJ7rZD0b4u4FDX9dfmzilSVHMVG2AxCGeOtqlkMw2yxtNOuoZjuHPDRuIXHOsPmtS3BLdX8j5V-Ee9FFjAEURBc4C8tTM4qib6KGlEY8AauKV6ruAZrVfgGk192lXpQ
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 706D 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXDDN-tQUixL5EaC9MG7KoYuZOjEnjxXkV3Z7hgOfI9GzHnKaktfJ7rZD0b4u4FDX9dfmzilSVHMVG2AxCGeOtqlkMw2yxtNOuoZjuHPDRuIXHOsPmtS3BLdX8j5V-Ee9FFjAEURBc4C8tTM4qib6KGlEY8AauKV6ruAZrVfgGk192lXpQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 706D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXDDN-tQUixL5EaC9MG7KoYuZOjEnjxXkV3Z7hgOfI9GzHnKaktfJ7rZD0b4u4FDX9dfmzilSVHMVG2AxCGeOtqlkMw2yxtNOuoZjuHPDRuIXHOsPmtS3BLdX8j5V-Ee9FFjAEURBc4C8tTM4qib6KGlEY8AauKV6ruAZrVfgGk192lXpQ
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 12:56:11 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 706D 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGLaEw-ABMAE&v=APEucNXDDN-tQUixL5EaC9MG7KoYuZOjEnjxXkV3Z7hgOfI9GzHnKaktfJ7rZD0b4u4FDX9dfmzilSVHMVG2AxCGeOtqlkMw2yxtNOuoZjuHPDRuIXHOsPmtS3BLdX8j5V-Ee9FFjAEURBc4C8tTM4qib6KGlEY8AauKV6ruAZrVfgGk192lXpQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 12:56:11 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 257F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNUTMd8DPOrXe2kx6t3E2uxbz6gvnPv9LwftxHfYLEKwjowY42AEW4l2om-6v79bf6eKk6L7SAz0QV_vqlpwQahxrCehaL8-Rk24NgRAmxmRIlZ2KGep5CYmYNQXZPNP9SsBH34vmSjd_V_dsuqaVY14AKVoXHsw9c9fdQUQIjbV0OCuDfE
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 257F 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNUTMd8DPOrXe2kx6t3E2uxbz6gvnPv9LwftxHfYLEKwjowY42AEW4l2om-6v79bf6eKk6L7SAz0QV_vqlpwQahxrCehaL8-Rk24NgRAmxmRIlZ2KGep5CYmYNQXZPNP9SsBH34vmSjd_V_dsuqaVY14AKVoXHsw9c9fdQUQIjbV0OCuDfE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 257F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNUTMd8DPOrXe2kx6t3E2uxbz6gvnPv9LwftxHfYLEKwjowY42AEW4l2om-6v79bf6eKk6L7SAz0QV_vqlpwQahxrCehaL8-Rk24NgRAmxmRIlZ2KGep5CYmYNQXZPNP9SsBH34vmSjd_V_dsuqaVY14AKVoXHsw9c9fdQUQIjbV0OCuDfE
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 12:56:11 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 257F 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNUTMd8DPOrXe2kx6t3E2uxbz6gvnPv9LwftxHfYLEKwjowY42AEW4l2om-6v79bf6eKk6L7SAz0QV_vqlpwQahxrCehaL8-Rk24NgRAmxmRIlZ2KGep5CYmYNQXZPNP9SsBH34vmSjd_V_dsuqaVY14AKVoXHsw9c9fdQUQIjbV0OCuDfE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 12:56:11 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 9F14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNVhMOCYe6ImbRIP_vQtYunRQdnzGtOLqI92qmEAAFOgCDy80L9FOfm3eXdVO49uACuoC1EzA95GL0e4KirPV7EWcTCg36bN1e4AEoBMt0B55dr0cWpaYhBkPN4_qqKo89BceZhAHX5A6rPLwQ1EiUPGOtc1PzSIqGAp-oWgFTuP_LOhhL0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELQ36fX4t0RqmCKIjKVpWRc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 9F14 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNVhMOCYe6ImbRIP_vQtYunRQdnzGtOLqI92qmEAAFOgCDy80L9FOfm3eXdVO49uACuoC1EzA95GL0e4KirPV7EWcTCg36bN1e4AEoBMt0B55dr0cWpaYhBkPN4_qqKo89BceZhAHX5A6rPLwQ1EiUPGOtc1PzSIqGAp-oWgFTuP_LOhhL0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 9F14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNVhMOCYe6ImbRIP_vQtYunRQdnzGtOLqI92qmEAAFOgCDy80L9FOfm3eXdVO49uACuoC1EzA95GL0e4KirPV7EWcTCg36bN1e4AEoBMt0B55dr0cWpaYhBkPN4_qqKo89BceZhAHX5A6rPLwQ1EiUPGOtc1PzSIqGAp-oWgFTuP_LOhhL0
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 12:56:11 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOYU8B1oYww9dG5LtL2s8uk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9F14 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQm8iDzQIY4rfV5gEwAQ&v=APEucNVhMOCYe6ImbRIP_vQtYunRQdnzGtOLqI92qmEAAFOgCDy80L9FOfm3eXdVO49uACuoC1EzA95GL0e4KirPV7EWcTCg36bN1e4AEoBMt0B55dr0cWpaYhBkPN4_qqKo89BceZhAHX5A6rPLwQ1EiUPGOtc1PzSIqGAp-oWgFTuP_LOhhL0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 12:56:11 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame FCC1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPtQfD-7GTYPPnD2IuOCqM&google_cver=1
0
0
partner
sync.search.spotxchange.com/ Frame FCC1 		0
0
sync
ups.analytics.yahoo.com/ups/58269/ Frame FCC1 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxislrzGATAB&v=APEucNXC226dtO2DU8G18-Ab6QI5xi0nuUE0BODfh_-XS0YPZaINyzJSCTYTleEyPUG5Cbpaudy6r3asldsNTb0BbZE5uZAkjeeASZOc5qn4hciViBd60FnIb1CAJEVOw37Bek-9URX9wpgyQz-vRE9a1xaVa8aCyKIdxClyL7bDYNvxDb5ddN4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.562&type=usage&msg=New_CTA-event-1698238571562&llvl=2&id=5376&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~7105352222276577039~~uu63AZosmOzaX%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12266
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.563&type=usage&msg=New_CTA-event-1698238571563&llvl=2&id=7084&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-no_link%22%2C%22itemId%22%3A%22~~V1~~7105352222276577039~~uu63AZosmOzaX%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12266
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.567&type=usage&msg=New_CTA-event-1698238571567&llvl=2&id=5290&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-has_cta%22%2C%22itemId%22%3A%22~~V1~~-3658471523214328776~~5s-cv0K5pjxN%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12266
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.568&type=usage&msg=New_CTA-event-1698238571568&llvl=2&id=900&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22event-available%22%2C%22itemId%22%3A%22~~V1~~-3658471523214328776~~5s-cv0K5pjxN%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12266
903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c44ffc6fd468ec88d421a3c6c581263ba38e93702ca14a7aaf32edebfc5a71e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
age
2053183
edge-cache-tag
392738696118879087880244372989716533787,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
392738696118879087880244372989716533787,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
80
req-referer
https://www.zahav.ru/
content-length
13844
x-request-id
c8544cfcfcc1573926040e79ddf80c33
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000158-IAD, cache-iad-kiad7000134-IAD, cache-iad-kjyo7100095-IAD, cache-fra-eddf8230021-FRA
last-modified
Fri, 22 Sep 2023 05:53:22 GMT
server
nginx
surrogate-reporting
width=240,height=134,bytes=20027,owidth=1694,oheight=998,obytes=290525
x-timer
S1698238572.575983,VS0,VE1
etag
"15e4fbf1824aacea61b878689053fac1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 10, 1
83376f2809752cdd34ecbc0815e3f8b6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83376f2809752cdd34ecbc0815e3f8b6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb817e37184d03003484ba326a1bf5b9a030187d8cdb96bc00a6b139a67cb4db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83376f2809752cdd34ecbc0815e3f8b6.png
age
1833513
edge-cache-tag
575590346740773752554804482526820609317,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
575590346740773752554804482526820609317,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
165
expiration
expiry-date="Sun, 01 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.reviersport.de/
content-length
11948
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200051-IAD, cache-iad-kjyo7100062-IAD, cache-iad-kiad7000069-IAD, cache-fra-eddf8230021-FRA
last-modified
Thu, 31 Aug 2023 14:04:15 GMT
server
nginx
surrogate-reporting
width=240,height=134,owidth=1000,oheight=600,obytes=1136941
x-timer
S1698238572.575675,VS0,VE2
etag
"5f077b48f24b66122b7165baa38c8cae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 36, 1
a69654528a66399de924f122473d8f02.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a69654528a66399de924f122473d8f02.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
762eb5f116e45d61febb9d50833a12f46d6b4a8f55d11632e0216e8e9c756c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a69654528a66399de924f122473d8f02.png
age
2341067
edge-cache-tag
374987358472160904801905375603795196288,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
374987358472160904801905375603795196288,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
35
expiration
expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
8858
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100163-IAD, cache-iad-kjyo7100097-IAD, cache-iad-kjyo7100069-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 28 Aug 2023 15:47:51 GMT
server
nginx
surrogate-reporting
width=360,height=240,owidth=1456,oheight=816,obytes=1065142
x-timer
S1698238572.576414,VS0,VE1
etag
"13770456901f7bf3426f6e864665013a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 159, 1
5619e65610ea963f492adc2fa491dba5.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5619e65610ea963f492adc2fa491dba5.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b37204b03ea6e49d045e6b7cf7d63ffe8e7c7546c0198c079e8447207ae7c25a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5619e65610ea963f492adc2fa491dba5.jpeg
age
1923411
edge-cache-tag
418422803756905994080594808344048590378,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
cache-tag
418422803756905994080594808344048590378,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
96
req-referer
https://www.heizsparer.de/heizung/heizkorper/fussbodenheizung/fussbodenheizung-vorlauftemperatur
content-length
9712
x-request-id
7a7966f886ec4e87772b0900e67bc659
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100055-IAD, cache-iad-kiad7000096-IAD, cache-iad-kiad7000052-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 20 Sep 2023 12:47:32 GMT
server
nginx
surrogate-reporting
width=600,height=400,bytes=23351,owidth=600,oheight=400,obytes=23458
x-timer
S1698238572.579727,VS0,VE2
etag
"a69ad77e0b3f008c30f1763f51752863"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
e9e093258dbe8a4b9d19a67d04b5579a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9e093258dbe8a4b9d19a67d04b5579a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eede9245970d735974ed35d0a0277697e88e9c61501c92a0c321c047f5f73596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9e093258dbe8a4b9d19a67d04b5579a.png
age
568446
edge-cache-tag
569286094237265361339446966550820136490,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
569286094237265361339446966550820136490,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://www.tichyseinblick.de/kolumnen/aus-aller-welt/israel-im-kriegszustand/
content-length
10382
x-request-id
374d195e416c88c37de229c8d2bb8fb7
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100147-IAD, cache-sna10740-LGB, cache-iad-kiad7000020-IAD, cache-fra-eddf8230021-FRA
last-modified
Fri, 06 Oct 2023 07:43:32 GMT
server
nginx
surrogate-reporting
width=360,height=240,bytes=14912,owidth=1000,oheight=600,obytes=699982
x-timer
S1698238572.579706,VS0,VE2
etag
"43802d26e18ccb1206e67e28d78efe05"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
eyJpdSI6IjRjMjhiM2YyYzgzMWM4ZDg3ZWUyZmZjMWZmM2ZkOWExZjJjM2Q1NTI1YmY1NTliN2JiMGI3NDVjZDRkM2UxYjMiLCJ3IjoxMDAwLCJoIjo2NjYsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjRjMjhiM2YyYzgzMWM4ZDg3ZWUyZmZjMWZmM2ZkOWExZjJjM2Q1NTI1YmY1NTliN2JiMGI3NDVjZDRkM2UxYjMiLCJ3IjoxMDAwLCJoIjo2NjYsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6bebb8dc1c07e226dfa85182754a8d2720f1e55fcae6c2356b8321c8b95b91ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjRjMjhiM2YyYzgzMWM4ZDg3ZWUyZmZjMWZmM2ZkOWExZjJjM2Q1NTI1YmY1NTliN2JiMGI3NDVjZDRkM2UxYjMiLCJ3IjoxMDAwLCJoIjo2NjYsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
age
3784178
edge-cache-tag
616800380921384694830320443410576985546,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
616800380921384694830320443410576985546,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
65
req-referer
https://www.eluniversal.com.mx/
content-length
12334
x-request-id
f56f9805beb03b56b2788e26ab84c234
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000039-IAD, cache-iad-kjyo7100149-IAD, cache-sna10738-LGB, cache-iad-kiad7000137-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 26 Aug 2023 20:56:55 GMT
server
nginx
surrogate-reporting
width=360,height=240,owidth=1000,oheight=666,obytes=500709
x-timer
S1698238572.617130,VS0,VE4
etag
"adde6444f94c5f51989d18d08590954e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 41, 1
3051149-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/5/1/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/5/1/3051149-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2a8f6319779780a67a4849b478e1066f7c6464bae51c711548e80f8eab7ef9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/5/1/3051149-46.jpg
age
1115704
edge-cache-tag
534985371119943635316950930281097279237,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
534985371119943635316950930281097279237,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
920
req-referer
https://www.zahav.ru/
content-length
10160
x-request-id
5be12fcf1ab6b4781381743b4d9e72b3
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000119-IAD, cache-iad-kiad7000176-IAD, cache-sna10728-LGB, cache-iad-kcgs7200043-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 24 Sep 2023 03:55:24 GMT
server
nginx
surrogate-reporting
width=360,height=240,bytes=13756,owidth=1200,oheight=674,obytes=48938
x-timer
S1698238572.617284,VS0,VE1
etag
"d187dedb1dff67ceb706381129e17592"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
afr.php
ads.eu.criteo.com/delivery/r/ Frame 54AD 		131 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Requested by
Host: 91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
URL: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3cf184c738fc2280760894d2cd013982902e6e3a869b4e1832fcfd8e7992edae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=XeRUzMzbF5zHnohXU3xdArR0Z9PDMHvUxQZj4GxRmqjH02qdHk_thYuY0JOSrHhs4VANH2e6daH-zyDIRcbAkOvSlEgYGIf6_CnLuNBdkey5OePdJ-mMaSKyP-LzEuv4FYFMem8jGqNpe9HWKeDx7dkbq1n8ot3TJ4hbQAlfgtP2xKnNVTIikyBrhEyo5qMq3RWf4_kavB7moKR5AKidAdEpq_uKB9Q2PLBzz0kySfOqvUGMkrYpzG4Tw9ZdmcMe7qpPIw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
38021888
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 5AB8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
URL: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3127
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 5AB8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
URL: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
l
www.google.com/ads/measurement/ Frame 5AB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQ2NZilpFdtKB9n5rlfLPmlzed956XpVM9n7ar3_I0EFTGmJMmTz0q32q2BEt8jaPOLniF
Requested by
Host: 91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
URL: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5AB8 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
URL: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
454922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5AB8 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
URL: https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:11 GMT
debug
am-trc-events.taboola.com/wallail-zahavru/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/2/debug?tim=14%3A56%3A11.590&type=usage&msg=New_CTA-event-1698238571590&llvl=2&id=9106&cv=20231025-5-RELEASE&lt=deflated&file=new-cta-manager&method=&position=&extraData=%7B%22eventName%22%3A%22filter-post_render_branding_width_threshold%22%2C%22itemId%22%3A%22~~V1~~4780858272251288133~~ZY37HvwhQFgXK%22%2C%22additionalData%22%3A%7B%22mode%22%3A%22thumbs-feed-3x1%22%2C%22itemIndex%22%3A0%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13143
61eb4ec9e95795260dfc24612cc5cfea.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61eb4ec9e95795260dfc24612cc5cfea.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa9b83421ee1d50fff5a187e72464ea8bd33d44171ee8ceb70e3e2ab77de0b45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61eb4ec9e95795260dfc24612cc5cfea.jpg
age
1165435
edge-cache-tag
414186718242799025182655711897975993814,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
414186718242799025182655711897975993814,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
500
req-referer
https://www.freenet.de/
content-length
4126
x-request-id
1db0b040beae3b85504efd36820e306c
x-backend-name
LA_nlb204
x-served-by
cache-iad-kjyo7100095-IAD, cache-iad-kcgs7200072-IAD, cache-sna10736-LGB, cache-iad-kiad7000159-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 10 Sep 2023 22:10:26 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=5567,owidth=1000,oheight=600,obytes=519452
x-timer
S1698238572.653578,VS0,VE0
etag
"6212b6d81139f55a4e7f9f7e559b8493"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 48, 2
Progetto-senza-titolo-34_uid_6357e916ea6f7.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/10/25/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/10/25/Progetto-senza-titolo-34_uid_6357e916ea6f7.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ab9e1311f35c6c3a1da2754a2f437d13ee78f688f9827b6e4d67ee8d1e3bde1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//blog.intraprendenza.io/storage/uploads/2022/10/25/Progetto-senza-titolo-34_uid_6357e916ea6f7.png
age
590904
edge-cache-tag
364919113585943718211688699135906020553,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
364919113585943718211688699135906020553,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
525
req-referer
https://www.freenet.de/
content-length
4656
x-request-id
9fc1fefeaf3775abc6672d7d63530b54
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kjyo7100031-IAD, cache-pdk-kpdk1780073-PDK, cache-iad-kcgs7200170-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 04 Oct 2023 03:06:24 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=11040,owidth=600,oheight=400,obytes=207812
x-timer
S1698238572.656588,VS0,VE0
etag
"9b04823de103c3a00dd3ea6648a7260e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
e1682c08a66790b3dd5e290794e992ad.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1682c08a66790b3dd5e290794e992ad.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8c42f56902b30c8fcabe337e9af8b3fb5192647090c13b70aed65a84063a2396

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e1682c08a66790b3dd5e290794e992ad.jpg
age
189785
edge-cache-tag
501036193995181478893652146390213979240,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
501036193995181478893652146390213979240,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
273
req-referer
https://www.freenet.de/
content-length
3138
x-request-id
2c1ae7aafcb73543285adc3f491bdde6
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kjyo7100051-IAD, cache-chi-klot8100068-CHI, cache-iad-kcgs7200132-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 22 Oct 2023 07:38:11 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=5954,owidth=1344,oheight=768,obytes=138604
x-timer
S1698238572.656574,VS0,VE0
etag
"c14590feca79eb9ed0d65f42c2ad76d4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 2
28531283662dc5d8d601e1f3edfe2b9c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/28531283662dc5d8d601e1f3edfe2b9c.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e048207576a53281ae094c062f13dbcd6da5f9c8cc0ea82cf2dfe70e4bb192d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/28531283662dc5d8d601e1f3edfe2b9c.jpg
age
1217804
edge-cache-tag
369746666607864902838111539303277015598,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
369746666607864902838111539303277015598,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
996
req-referer
https://www.tippsundtricks.co/
content-length
8204
x-request-id
b03f51674e1da551035588133726b8fe
x-backend-name
US_nlb103
x-served-by
cache-iad-kiad7000044-IAD, cache-iad-kjyo7100115-IAD, cache-iad-kiad7000083-IAD, cache-fra-eddf8230021-FRA
last-modified
Tue, 10 Oct 2023 14:58:18 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=13288,owidth=5120,oheight=2880,obytes=3533924
x-timer
S1698238572.656555,VS0,VE0
etag
"b3e13637ed697c0b54f0c07b4303b158"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 2
84006304b8dbd0112bf4b9ef13b6a693.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84006304b8dbd0112bf4b9ef13b6a693.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1af4f17cd60a4ec9af0035c1f678cfb2d6a4ba307dd1a628a0807ff91d8ceb4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/84006304b8dbd0112bf4b9ef13b6a693.jpg
age
1812153
edge-cache-tag
443934847335128928282202951359553798739,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
443934847335128928282202951359553798739,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
133
expiration
expiry-date="Wed, 06 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.faillissementsdossier.nl/
content-length
6328
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000106-IAD, cache-iad-kjyo7100116-IAD, cache-ewr18165-EWR, cache-iad-kjyo7100089-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 06 Aug 2023 07:31:01 GMT
server
nginx
x-timer
S1698238572.657087,VS0,VE0
etag
"a6d70d470b0b2b11047d2e07b0313289"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 10, 2
13c3932c16f6aa989cf72fdf546df66e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13c3932c16f6aa989cf72fdf546df66e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
38d832da671338ea8eda3b4f7f717cd30c7afe6ab7af0324f4ae4d5a8325be50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/13c3932c16f6aa989cf72fdf546df66e.jpg
age
1285143
edge-cache-tag
390980409048198071175292984716379300051,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
390980409048198071175292984716379300051,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
438
req-referer
https://www.freenet.de/
content-length
4698
x-request-id
dddf21cd862f816aab8fa2d56468c355
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200121-IAD, cache-iad-kjyo7100178-IAD, cache-sna10744-LGB, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 09 Oct 2023 14:35:28 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=6340,owidth=612,oheight=408,obytes=32048
x-timer
S1698238572.663558,VS0,VE0
etag
"2b27d5502dbb142aff325144d9ec7fee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
1fc45c63f8554cb95bc42a3d6415660d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc45c63f8554cb95bc42a3d6415660d.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61ddc98fd77a7634818e8f407b2de1c82039a93734c9e8578385e99565339266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1fc45c63f8554cb95bc42a3d6415660d.jpg
age
664521
edge-cache-tag
609791959766936600902791546229196768398,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
609791959766936600902791546229196768398,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
39
expiration
expiry-date="Wed, 27 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cbsnews.com/
content-length
1724
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100032-IAD, cache-iad-kjyo7100156-IAD, cache-iad-kiad7000118-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 27 Aug 2023 01:15:45 GMT
server
nginx
surrogate-reporting
width=200,height=112,owidth=1000,oheight=668,obytes=387533
x-timer
S1698238572.695841,VS0,VE0
etag
"43ed273bdef441cc4d4f31267e5352f9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 7, 2
f1f771d5eb81627e6dc964e1ab1a8e6f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1f771d5eb81627e6dc964e1ab1a8e6f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e45890c6677e347859c6190acbfb721d161b02e583983b098d8271b8f7420345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f1f771d5eb81627e6dc964e1ab1a8e6f.jpg
age
3195220
edge-cache-tag
427548063698574527810860439746101835839,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
427548063698574527810860439746101835839,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
344
req-referer
https://www.karlsruhe-insider.de/
content-length
3006
x-request-id
a20f8bf480655cf0b88285f81c304e16
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100055-IAD, cache-iad-kiad7000025-IAD, cache-sna10735-LGB, cache-iad-kiad7000115-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 18 Sep 2023 10:46:32 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=4292,owidth=1200,oheight=800,obytes=590801
x-timer
S1698238572.696075,VS0,VE0
etag
"c15e060de4c67e2b2a5b45ee7c769a40"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 56, 2
3540353-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/4/0/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/4/0/3540353-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a2000abab5cc7c611a70982a43702aa7d8cc0cc151a35eedc47b7589e45bf141

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/5/4/0/3540353-46.jpg
age
575688
edge-cache-tag
422403758396827375706965959900416457778,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
422403758396827375706965959900416457778,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
879
expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.zahav.ru/
content-length
18740
x-backend-name
US_nlb102
x-served-by
cache-iad-kcgs7200109-IAD, cache-iad-kiad7000089-IAD, cache-iad-kcgs7200158-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 02 Oct 2023 10:38:53 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=33540,owidth=1080,oheight=606,obytes=140763
x-timer
S1698238572.696080,VS0,VE0
etag
"4c4dffac8d8856f2fec05af94dc1c7b4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
3360158-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/6/0/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/6/0/3360158-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
55ff2ac1b932443cc0d8a4565f2cddd09d499d83984b24350abcc95623bfd8d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_300%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/3/6/0/3360158-46.jpg
age
575228
edge-cache-tag
297082701564597197171650868274731455135,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
cache-tag
297082701564597197171650868274731455135,358564119087106814747413934348384878343,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
2543
expiration
expiry-date="Sun, 22 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.zahav.ru/
content-length
14260
x-backend-name
US_nlb105
x-served-by
cache-iad-kcgs7200076-IAD, cache-iad-kiad7000096-IAD, cache-iad-kiad7000125-IAD, cache-fra-eddf8230021-FRA
last-modified
Thu, 21 Sep 2023 06:52:30 GMT
server
nginx
surrogate-reporting
width=300,height=167,bytes=24374,owidth=1200,oheight=673,obytes=106326
x-timer
S1698238572.696303,VS0,VE0
etag
"f38732034f5e162f1f63f2bf60db6051"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2
bd2d825621ffeed5d210276005224038.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd2d825621ffeed5d210276005224038.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e64ffcbfadf8294589670bf28de0f2318eee59c3628665d2308a04b52d21a7fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/bd2d825621ffeed5d210276005224038.png
age
1413913
edge-cache-tag
291455565175375282929095824062268235737,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
291455565175375282929095824062268235737,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
78
expiration
expiry-date="Fri, 27 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://adeptosdebancada.com/
content-length
2076
x-backend-name
US_nlb106
x-served-by
cache-iad-kiad7000088-IAD, cache-iad-kiad7000041-IAD, cache-iad-kcgs7200167-IAD, cache-fra-eddf8230021-FRA
last-modified
Tue, 26 Sep 2023 23:44:34 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=3244,owidth=1344,oheight=896,obytes=1258105
x-timer
S1698238572.696386,VS0,VE0
etag
"e34838d886c724a8461481e0f663c3e4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 66, 2
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A78 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7240964500584&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A78 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7240964500584&version=m202309260101&ct=76&x=1&cor=12541189012254687000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1A78 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTt4PfCMEnWbJZWLi3PU1npzgBGRBCMU7kqRUtu1BYmoTRTrvPz47V_oXUjdUgjHzt7LlfCbI64-RtXpyl_vsp28hRn8DOhXjcV_nWv0v5BmFvLQJX7H2q2wJNTUKtQtAW63RsdA-fgrFWNK_kpnFaOgk262gXAgAOZ_Aingr8gAhW1aM&dbm_d=AKAmf-D4g86WKstWWQMZeuJzE3fqYz04ErdbSCAeUqFt2bh96veGzD4UXySyfYGsPFJ2YlzY5S0RPGV38KB6hKb9teY2g2_34Yp2SNsNpM7jtzIecogSUlwTAi6zXoyEV7WzECC2zx-A5Cq92g4-YokPR-UdFXr2G0WM4Q4eRbx1B3NN8VJjA1xFB6BrMs-YPYNkh_4j1Y_i5eLVgzpuz5xxyV2pn9_VFgdxMPOzN46_2bcrvNhpIvEpKoTwsyLz0s7pAjmSlYvFqeRqlAMcLiS_zTr5kcszOuBtzjDLbLxVKRPGjAA1_1ViX96zL3fvWNnetL1uq99VkY7C_eMk3HgDue8pKdZ1ZYS5cKmRZK3GvbeZTei2Dd3myKY3FERRYzTqmER4hH2W0qGFk3oCRvXrF-YmF6LGsy2AXHdQNhw_TjWxrv9h3c6mE2AAIVWhSAg-JTNgOzbjoCpqbdWVkHej_1HNIrHhXZKM4pQRdh30LukwWAfhtISx-iuT6JqMi0i89zkvl7vO76prOhml_S6eGphZciNcezRRl-D7nfnTGIhe1Si__uVVCOkt_gsbkSO9RgGmnhoKRU4dGyRV93V1jrgZt4XJWxtDt_ya81cGC5-uwqvw9nMaCg_IL1kRJ5-V561PFPApgCaXpw3Ppp1n24sItTiDu8pPNN_HEa6K9TTWZzcKCSz_Nm0FXA3tnSAFrrMYT4PxUSM5wrlzZFDrV-NT0sLNzjyDq0mI-J9fxuSjx07h6HT190F7F_D5-WIv__F0BKQWRdki63MFXx83qTrWyZfdU9Pe4vBNbQA3874JQotpatCDnrZyatSTILMphhpMMnSiADVhEzlhLGWY4Ai62yXyNcn0FvqPu5G28TnPM9Rx1FKMzlw4uQcky9EzA7Q-RzncBXYykRH7krpsjBgcJ0lVoKdW7F553EH4jtPkWoM4dYN5_kguspke1PnJmMwRRwHC_TEgP50JKoSfr3erP7SaCrWpDJfCv-LH_xuvDyhmAc79XcPBHC-koiU9uVy_VTEX-LBn1V-wEudrFgYoPpEcJT_zPpa8wY7yMaYd43I9uY-GVXteJ3ztbuhWYKxJlOqnhMICEgTyL99Musv828VC_pdAGlKHSugVQ1vearpqEYKlxhn_JUUvzxNrMffa8XwkP19RKHw3UZIUfP5fW_YZ3kIGxTTWUoQIaFgV_WC19lTKsBSDY6MtOyhFl7Vcb7hba0VrIdftUyrPoHMrYMTvsW_NQz5eqNrma-1uHKeP-k58Ua5PxlCcdzgpYovMgouYsiJWqoUw0KRnRP_qCrsVKHcJb0aT0ymQhzogzD1adSQngqqOok8VqaeIHTQLlSsEDr7su-hfcdgwM1v-Vm-E5ER6MLYAbr0ObivcjmN7inBXWhsjVSW6Mn-zpKqtqq0df-90WxmC79y3iWHEUofqXvc3etrJgQ_9piEq0F6Onlx8fmqRfaXw9A5xrL11Y-IeSY2JORxdPGoZA_25hdahq_VBofwbJUvNXKsemVMDOGCqiEvMgBXK-YgE3F1wvdcAttA02WUyf7Hkm1vOS_wmIQxEjGBCCwjqWZq8I4sER9fcM5ThdR1gmMNv5EsdcAOVKqOX-0hTNRwpdXHeR3EX_R3ziEGRF2Mbj2X94p8CQ0JD19z4a6HbIf5n2b6RSbYJcUCln69Ev-50WOL52MFPONYv_LKYAw491xI5Ao_NQcfY0B5n9dX5YgLQcoZ9_8OxevP7cNsOTXHwzRbyyaEhjtZFmMmzE5YYpkLJ0Iz9wATWOGvZynu7ZDsRel0PHIbthwUohQBNKl95O0eB7B0JOsjTVlkFXt-mfsT6_-1lnAzxdqqdB6ZjoDCFtv6iVn6qpGHHl1D6jAUR37fbewNXXvAKkV1nPqHWIYnk7hpk1mFOovWWYFozM8cLHexiQBhci42H3RygMut7YGSdODwqXfyikDBbQjKlP7qAQfLCW-WcrCZtKsC0wiRigOjl1H5Pgp3a5DAGGzsjBunsyceSQUb4bkq9ewo5As1-MPHwekhl6bt4lzljLIytqG_zqqKg6XgenXxi7SetcYsabY4Qz9utNaxVcJpfD3Dct5Sn7y-HoPYfT6rvZ14Sm06H6zlDjZB1H01fZfUevacoBRxzQuiT1zWZrB6vDJpAhcaESoScEjAL3bc8BfTtFQgFLHRDxEw47rtFyNumgbYA4dnNpeZS35PhvaEU4hbUazSLdiOyW-qs9SZB6-l493ojVWXenNjZHJx-QE7obVhjMQ9mYC4JvAoOAZDW8hbYxJBS7Jh9CgWqvHXqqdeyhglzDT3oKtUHRVeL5aXs59-u2vI48dDzWEaEhx-VfX4eaj0hLjYtrl1VqV-iT8Yfk-wFhe3ZdGMqZk5k5Hcqd88mzBL4prqn88jz18mfawpvDfk30THXDRGmNZcxrKuY-U_ZYV-8a1YgSrFq8iX0Q9_yDsYZVZVfTL9RzgkeRuTsHaJlWM8wsCDk4gaXBMlx5ZTdjMEwH14zrrMkNch1AddG5a0vHtKy9Uwsz8OTvk1-tNEFu6liWFNof6MsE8LNfpqm-W5vbpJe7P1lczusM1aiQfW_WWf5SIWQx0K9BtC2oHzKj6GSSxvcEd905gYNVrRWzl_72uqKSbnt9dd6IUN8wefBPDgfwOLKkNtlSEr3B6WnvCX_VlDWOHthyLhKsPtyuhutLK17SvMmVjNUMCJ7rXkr2r_cd6dft2xYCA8kMNFByl6Y3XbmZWLws9HTiTbv2J7N7qZrEkaN1YGHj57Vg88_73hqWEn3R42OrmmZnhzyOCu_m_oLoGKVDoBuMLWQWG00SZkAj7byZ0k9UtMIhR4KSb5Hu860AzK9IOp1JIlc_uyTQC7a-MpbGVCAd8tyaC-JRvIBtTSGp48P-IolftjiEOOk7bE1wjoWKIdriKLx9ow-CWRBOG0Y1QOhdr3M-KUcJRvhTQ_y_uSW8ga5VvezX-zuNdxjbmMb25-vSaNxvuOHphGNpY7e0HOeIRynHBX8WrOpp8FlIikb6luexhBszWu0H-l42BfixNROb-QDCXEYVfUDadNSTPfFuoaYoEfG4luB2kbTO_Uj-cihxWZRgtw-II8CCSvo9xqemCLDzg8zDOl7B-o4NMdvXF_KWYJl1cYZLpkIe19xjBxxFrDIoqYwu4soKvRgFIK3t1B8M86NGAKdFyEj9K0zRdLBA_ryuzWf0f-c4KVsiHre7qfzl5kcE4qnVG0ZkKX1WXNmc2_KiMiQgP3_pS_dZSp5X8xrMR2xU-Pyr57r_4E2g8yHwJ8YWMw3huLYvcxbEm-2jsMg9aQ6fWAOXyN3pDqYnGM8Kza-XakfBWkmwgX7S-YpXL90PBA0wD6aBglnGqlcPKk23Oe48Z_Pep6af-GRgtQqUHSFWWskJdX-QiSX_7IGPwFFyOMxitY0D4diHVaKG9hSbxGqjY2i8KtTjzKjKbQYr58HmwDp21PUNPYl6bYmh6DU9mZDewgZHfs3hqR9o_f2SCPT5pmPziBsrb5_FpoN8FPb2K1HKnU4BqLb7w3wrs6WfUR9TyJU2N7St9x_Hni8k6YJi2jJxuKurmnR6SFTQ3L7CpdSr2aGTJiiEVa_GpSOsdUAg37r2p_HdIMJNg9s8ZeeClTE9E94hGo-CuIqeaWYTB18_MV6jJLDHA7oM_gQOtHB-aBR0pujr_5yNjylveiQ_um0JYma6mjrpUHmrj7X2RrRvx78s6Nuu9oK7qA1jFwnAvgamf38MkrLhaSCUW65q_CHxzRzsj2ep39CwQsknfle8muq5PTG8DyyWPve9vbYh2pd-ZcD_Ro1375qCIn-uJFbfna49FBBNKvHaEAb05PxxFWKUHEDMxtSwgYKNB3zK1EXUhBgee7DBeYz32oY1k5Oosb1V9JpDF5g1bdzbVAuYZMSJsh3lWSMOHOruJNFbjdfLlMw7q3fF_S2iQyLV9s8nMBZmukoRR9u7DVoYg2xKHOdN3OVy_ZU1WRDbapXPxx2zPNk8pfuUGPhyZYHv_U465dHkVpEUiaMltE7lXR9wp4QICAaijvk8W2q4eRzEGFwEPPmq65kppCBhLMwUxz_aZcKteSytXzmubI5cycPSgP8F4oWFpvAcOWpHOqKFUhUhfZ5C-FW9f9XOs71vKN36MgO9WJbvp0VHGqja7go6ABEdkygnhGr-nHvv7YhQnCwRNpv88VtiF108RBDc32qmZIZjUmpulsNDH62lKv19afgVnE5lNF9NbYB9NHrRC_Mgrpss666AT8&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=12541189012254687000&adk=1033480531&idt=116&cac=0&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b193a324a396bcc81ae71c1d9dd6b2ea4ee5286c4ed7a01095752ef613e34cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41978
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8C23
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 991A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:11 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 991A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:11 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 991A 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 19 Oct 2024 12:56:11 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 991A 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 19 Oct 2024 12:56:11 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 991A 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=xNjBCLEpUFYEBZY9tj81MSeOJYMqI8qKmqmHlyUAYaIe9OGF--gDLtPH1VKIuA5wJmrwLIhP9vjZ6j3oVRJLQNg6SLTTq_yqsZZ9wKVfzYJdGLozmxisQ3BFvp1hlJn5L3ZmGAbz-4slBqWu-6tjwNoOhZ-YAdwlye2VrSYba8js84LCNdZxsW_fwJaICaeAuQyA1cSgDJiUjZ41wYhZENLW2OtZ6X8BRreNfGPupoTXAWlA-JaJt2HP3GM9k4naUD5zDZKfmGKwTODhKkxjo8pfgZTJ57vqf3DTh3_bUyXJ0-CLx-ERquLOV_MFP5POxOs_zuSC5zSCjwuOzygGRMK5iGl2tMmIk43CW9ObE7LKr4t3Li0GthT3U0QxtONh26hQTgvPnIn4PLVQkidWtwRpQDGcO91K13pshW_wDZwOBLy4oQqvSZo_OUEqhPYkm3zS9A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1765819
expires
Mon, 26 Jul 1997 05:00:00 GMT
a61042b1126e4553a5c4fc45e3bbff7a_image_ad_160x600.gif
static.criteo.net/design/dt/98009/5034511/ Frame 991A 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/98009/5034511/a61042b1126e4553a5c4fc45e3bbff7a_image_ad_160x600.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3fff49cda35b45096f600f0dabcb3007aca3ff47845f00ab1aab104023d0a015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 16 Oct 2023 06:30:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"652cd899-9c59"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
40025
expires
Sat, 19 Oct 2024 12:56:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCB2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8440227604829&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCB2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8440227604829&version=m202309260101&ct=76&x=1&cor=5437148198146637000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame DCB2 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLbLWx9lMbXJ1TVO9vTYgdw9KNf_7R1wlEDq-RtqPbGdu_QhYmUBU7OWeAKC2U0Kwnnr3LUCytUAtdMpCdMZWo-UzPAeBw2bWW9vO4HAajlXGhDH8KKG_6XWh4QfozOXFHPJ8nP334-n4E5yU9dVqwkuENeEiYMqNdOdMwg35AerjZDDo&dbm_d=AKAmf-CiSP90L8UckESl33kThx-9G41IN6eOmFiDWw5sews3RWIWK-31zWiQZucOjQhy74UfGZotaK1BFBqfqF1tGQAqbFrewO-VGqjE2IM-fTOcqaPtQjVv5OoLTgSuYBy7CnYppXn_1zM0WUROKtZ0r3JXid7JsqPthq_E6ShlNBGcCMPVU-V0hZfcbo5KgVSG5fe4OZg3PhnJCRdDVhDufmzGzR29Aj4MkixUy_dgueKfHfBf3g02Lz5Aq4SNk1jA34cMpbnTzy225AxKPh2TiA7HSC8NPut3JD8icwhPPD1g6JN3b2wPzVm3DYZ-rByy1cWC8-mw71Gts-A_Xn8aF6bzC49KZzfxJZB0Qs6ouZG8KygHmt_DvmrezSrB3raoHO0ZOmNB_FY6Pgw58H9f3RxcQEWkUPGL_qYdcUNlJFvhI73AXIvWM7SMNFW8IHOaLs8tFE_jEHJCRwlC2uQURCMp4EhsKCUVx4P-JLtuwWxOVfzC2wOQgvrv8h1h8xgcKdnwKFx161F-0k9-pZKkyaXyzCf7YWnwcWtuInslWtHZtSKgK3IwTsXWP4cqQDixHhSdj8m3MvZTb2tnuieddZSRb3jy19uvD2Mwzxa2Fd5W8JW0O3MBAmeAvhfGmrorvj80wo-x6-4yjr99ooPM8eCojyykLE6Mc4dYd8tRSI4-mSGlEzjzNmkzsoyIf5gEqThSoOiqGPBPwRxKlMHzNS4ciQg3RKao5-lIwDfaJJvvzQFFHSM7qcn4y7fIsmuCHuuLcsTDEnj_x2L2P48e8GOhqtY8CoCfKawQyuPkI4rb_KbXvkd7lm6qQHSIazykW3d34DEEU24c8YZcvDXPPTc11ToV2Cx8QYbL_npoykmLK71h1TR1fnuJsOfagHAD-KTcm5jMI-RtSOAM0xMHTX8oWgCeiVjGSYA80wlDdL5WPWvXdCJqk6V9t5mCr_OIzTghsOFYa8ftuFjRZILqIcboIL81zkqdpJs-jd-lxG5ryQWTLQOiDa-YCwgd8EoIVCWv8wduTcH7Bbx8wzHo51cB2TDkWoluyX3n1lyeVy6fRQNPAX6AlTiv6FhHe4nQ9HYBdw5Ge-8BX3NxMy4MFl5w9E-GuqvfZ9uCat0UCRY1l-ZZiKURSLxDtPe5csDZR4yseuyEzbpeR_ZpZW0HiBNxwSzaAXdJ4TGGEaB7sux7ps2dQbzKwfkyOQcm21SyB3ppofz7mj7WZMzX-_ugYv3_f8FwFg7M2pchOHFSy1aAAt74Eyrc2DsKNscIk1zrWkHZM8nQ8y0YxKjFB2AGZKQKB7LymwNnfcn1msfj88DqX6HE5Ljubpnf3W4RA8K_FeHWMt1hNItQwgXCEonG3Mx14k5M_WhzZI-svaAE9pdk6DrWkEPgwBTBG66A48iNxq-BEgTBiV1tL4auPycTi7DggqBOnvAh5c4oIco5AEpbrULdABBDBKUNFmBFHiAxFjGVSWcjKGYDzyT5dfl7kKEfbro1Dcm--UfYtiRn7k3odZNDqDtPzgTkg4faNNyVtSobqzgGwlyCX4knqt7zMTX9rO7hJVm73Nk9lQJqEpyK3VHr3nY3wjneK3bMy18N5fZ50hutU0bBcpgn_Kd1JdgSfprDgxrcEhsZd6TCE197-quKnQmyz45bHUnS61VyYmPCeV7UzF2H3Z-uarHwU5o31BaEE8-Bwt4ADIFjEb-qPfoa9gsUnPP5GHEok6GDi8zaXxSTZ5Ak6-MCTHPPy4SvAGeUnncMXciGNJHp6n0Jr2EUKXErpXu6WIx-1rrOq8CABapSEjch-OBaHWBZ6PQTIJpOLsAouk_HoBCjI2J3lN4zHlpu7BMdk7HkXlS7b7VZWZSIXUpYFlb5lcxHRtcFq--2ENCbeBmU5BIsDsOyQkY4EamaOgjhNWsSTx06yHKTsWeS-UurLDXcwkqv84G6sATN4370QC91tNpSEoGEbI19oX2y0B1T95UMNKYj8LbQznb-PawPfPrUrzfw8ekOpGmndTjlm9m_gZMysa5LLbNcW0Rzn9nsuwm6NdxK3gHiUNHeWDaOJYQ-Tbi_VVO3RqCaP_0REYRERdW-lZkWfRlCYGIVYovox1nnKJLHn1rCd18p8PwVAluhZR_h4FyvTY4mTPTUYs_OgHcfCNQ8Qbm1KChKvknGGHC25w_OvaomdlYS-hOMaI9zpDI7sNW3MGDVwhmPYKhomIOlf7oqYiV7YnUrRg18LF-gAhAVFANTH-AQCOGCixaNXI1Js-Z-YFyUFcDYHZ9GLgQxz3E_faNEpneMZeB0pdUHJle8BO8GOL5zesCKL5yqYaT9vIJ7Y4AnHWMcKTd2c9I1W9McAWgS6dS1JqA1hmOYPtP0GhG09t_CGVtz07oqaMyHM1HcggzErcTGWLM1iGT9dObWc341CCdNMiUug_AxgN95Jk4hyb5ioyeVlXGK1hwKrgSawt6MPZCWYejUMa6MLvuo82oZ6ANUAc7-nwxEdZ0SXKLGM3lH1YmBWHaZ3mkTLof3vYAXmACkshYMHk7SeDw8Ce9eb_nu81YwiNhtq8FbHmBqTuPtKlQWrZqfEnDM_OgnCC05hrJ-lq_CbDNr50P3QoDh05zmdtepWLHpwaxetp9C5T66aX9zBJimsBxMwpdTUEgmTCDDWpqeVBNyCNCAn3fWbcK2NzBhYtAtHIM9_TAQeWA26LENr6q7d3v093kPDBPXpaaEp1QXL1Rhq8wYgBWa10O_nqco64RbFHX-jSFtaHtx4UcmnqSOPcBO9fwhfotFSDQd6DksJJLvWWYpHGT6EXJ5l6Ke9rU5cLMfkdB9JJzDEWBHPKm7DwXBo7a3Mvd0kCWZuwSiAXpT2CjnuTt76hS5OYxSkdd8z9nvyi7i5PZgX4anSvNc0jyl8-6plX5B4zk1LGDi0SZynsP0XOZX9pKov6GTZLtmN3PyAR-uhY6JjPwP5a8VxHriCWUpWhQ5u88NivZy4qph0AgjmDK5Ouaq_UazotEp_BzGOCVEd4AimNKRiud4_AZz6bfilwfqmogi-u1bf9b3ERpTcHdBOzHHXTgvlXNWXD4WhpBqFQ-KIopVDzScBprvLXj2HJMxLz_n4ZEAcW3li5Rf_W4M6k22ga--InI05JIN7SfQs4EKPjpLnH36fjabpPUn7fq-lACf-xrjuurDKPzspC5VLHSj6VSPfoxu5Y58XNrJOgC3sx3zvExwngLQtE5y1yzvz822Eb60eQ_sjijuXOlPGCH69MLIIwHJ6tHFnuHVtZovxU4KZz-V8qTajpU1Ktbug8UEO-ZLjQBOVlSWvgffRLIV02MlGP8H2SJeuTbCNE0B_6-vfviGitod4NImnza-5qrFln4JKaPkR1h6-HOQVmq8yNbovaq3gueP4Gl2z2Hkw8d14qLtYoULauusPzEXjGPA0gbEjeOFvUFLwWbLjX62WhCxDldyehi24p5XBTfYaHXHaYe74jPiGpIBpinYu2mZ3YGjuI7EYwdgP4SpcSxP1J2YbINtc1mjbWMm03urIzyVYDhaKO2vLR25bXGzcETIlNkXnS-w5e7EKulgLdbwJOpTSx80MDthkrPNx3vCLipxlIR9VXA7-Po1OJTO3s_8oVwXf4y2Q8bYEzollXwMsCqtA_2B8YaPHxdsGdHkB8P3y8xizgcVuLT4OmPK1jJCpMIGmxSbKXkTA4-xIuAXBfhNJ6LQ_B6sjRBBF3_Lw0gyt15Ib49lothsfIQbx1e2FFBJU-l0Y6OaSxO56PzxpQJZ5Tmf7ky4KWK8H9oxg7mEGiF33yXoQ1IQKjix9CmNr9O7Wjk2IXaVUcpMzrV2StVhzaK3-m_J4hwGzI76Yx9JBjeAtaY3zSaIRA92ozwUnIFyC16aGAMdfpnzDl-WPJmqu-kh6zkaVBQsddk7UuBL7z3nDn6kyGHc5GzHo4155BucwEoDuy9SiZX-ihgs3LnOej1m-NZFpMwg-VxDkPr5BmFRcFwutKuRhRSgqPBreKjTN1Xc3djYhGtnzYcg2r7A9NrSSPxOSArSVF56zZWdpx7i05UAPf8Q9tjs3wPl_PzB_mfVGvcm8I1f2wvVRSC0L9Lt0wGI178I6f24qpuBwbz91RnsA_fVGfvncecshUA1pppWpoZ40cIGT5RFgyeXJO5BqMEhejtL-tzWiluZjE9yWDqm8ImH3Ia_QStxxpeFPRHGOGvzKlnE7VuJm9ZBQ_jDiGVsZSgPpgs4AyzmBoNHD2VcPKUp7AsPnPHX6W9GvLuSJeZvjOOXKuM&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=5437148198146637000&adk=4188270525&idt=175&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9c9ba61f31b08a24ae47433bff0ff11265be8ba677a0958a9d942fce7742064
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41712
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 647C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2884053721026&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 647C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2884053721026&version=m202309260101&ct=76&x=1&cor=2065509241962634800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 647C 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxvs4PNMG9uMuae5lUN4Ypr3We0_Oq7P3MQX04mKoFmatsIkjzVonb_r9LUbKzub5aFAwT-QUNEG8GD-XvtzvAwkTXF-r9pLBYrBb10Wrfeyjzcd_2hQ1iYPCsl0oBPxzY4MAtSBA_LCcqvJ-urehDtChK-t1T1SL4UHYHaTIleAntMLo&dbm_d=AKAmf-CTHn7EYhCOoqJuqtH3Aw3gkIvTvto9i0JUr80hg7uVbJlNz9SJbYGKfSuV4W7SXulRm0BCDU18kyOeM2JbqoNSI6y5dA6_gKxVAuw026SHjGp6DrfAOhsP37m2ukg1m80QtATEpYAuOAM1mEHkEmhpkCLd8sAUPx3K0ldgJQhPkh06PDhZa74bc7KPg9Cfealj1QRc9lv6KjTGS9rNgJZrQIgG_HUy90sSfm5xw9bTgH0JsCqUtMOYgwlr_3nTCM87ZQVyLjn5xSk9kHZ596GonB0qEMLuGvxfP4BJaVJ0yTvHHvWx4M3nTGTPcZ_kzr1Pd-PnAg-SN4S-8mkNIhQEVTxj6Fa4pgBVeEmCuSntEjRzEwk3wX06H-qWBmJLbUdQa_YC1UJQCRj5JBCQ4_58Arm2fIM8mzdEy9B--C57gwmTnrweuQ4Og0VgY6Sf9-qEIh9G85pmnAu-M0lPAQnHcczfPTBIQjssXhiEH-D_6Wyi3uNRZ_2A330giaQeeQlOGlFWy5mGL9eb6pYUHNJ5clNSj9Jn-aniqpT0UHMwjAAfrRREydV-0jZlLteVpLnE_O_cXYEe-fxe710OlX9IyeaOGnTDkBvPx7fQczodNHD5nzlxLSq86TfD58a_okHU0IqMQyakfRjsivYp6hAseihE39QYz-BPdVrfE3cgxOlmpgBpQDH_VChxMnDHgMhnSwxy-rS2j84EkztAsULdoW_WNI96HyGQVijfq4Gd-STZpq-QnY3FnS0F83TvKIe8Pg6Wb-uNOyV7p0Z_PPJhhFkSqF39ZsvdUoNIsX0SwWXU3DuGdz1q2Pn2rXG7EebP7Pwz1DNeSRVJTx9wR1DeiBiIQRu1_wmnIWm4dMKSHPUVhu7RynmXKvHokgJZfyEGwSoxRL-MRaiQMsKamm-ZZrILqAZf8QSqWYGdpCpIP0YqyDOcrs8Pq2Tmatixob8W2Tvh9iNWlb6_iSAd0oWfJ4l8qSPoe92gRj6OTDNrJ7lLaqWh8eVRRGvnf63WElwSC0bkx7Yks_ugCNzMxTDe-E47OA6UlsD7dPY7zaWq29FHV97Mi_r6iJJCdpBfUIHPqqSs12is7xhPxoz8L1xPIK2q7MJiubVM4PxWoIcOwfWZb_GwdHhxHg6K_hrDpyMFBofs-VMyJXIZ7h4Veh9SNUvT4U0XtGFJg3ljB10miiDJ0i8isxOxL54SSOVZ5d19HTqquV6suaqoIwfI4ys3mlehTOh83FHBUo6p4FUwvc2vhgZdwI2XuDNON9-4qUjylpX_PjZtIcHVNbsugx7sAy6vEdop_QuSAGH0uHqyrJTV4IF-EYxuyU8g1krbcJyGu64iKD2vlFYS6Gku80TTo4xVJPe_XM_j354Gf_dnFm96Q4Uc4DBJiPeuxBRWtik6ZBtm70kFWRGMdXJcmipfteaZk5K1OuyP-Zz-ouTjjrbDh0kPgmmQzEl_kuFwU-PxTgydPbOM_mE-65Q1Hyo-C0zcivnuhwgDHu9Gl_JopChaW9eNNaCiw_9V0TWmNXbmxcGW8oj6OrnslPomPR_aV6zz7my7D9Omwwmd3IVXAy0lprqXGDJAZ92bxdGe3UMhrucUWz_tROjaxgeeOzCYQvto47-uA3A45QLzbMJ0f9eGrgYOxHKtACGqK4vkWY3B9hCDQq4VnJaiGGb5xyTbopMiruhc8Y4pSH_xRq7qGcmyg1CBROh5FS8NLfkjv38cRCY5nAzLn8vv7P5Rc7egZdoI993t7xDxmqZFSYWxWSkN7B3Yw_zFo9_bqYDXKffvcxyuYDwItTgx1joUoRhAsNcI_5N1JfAu1ePt7uLKIQqcSEFy-OWZDWSkdtMXAW1rmaErsulWN5vm9smca6VvJj7cmiVDBdcvdgCFtdcL90_7s1vOAd94mAkUCz7X467YCLO_SrlDubTdlZqkfcmIGoX03q46B0hUfbnpVjQgDtU51nfoRTNk2J7FptcXcE8oORwKKxruF-9ad6hHLGmtpZcqkXhwjoFzuJEIdId_uHXlOcOcPBPD6Ie4KEUqjPoGrfpgq7TlPu8uj_d89BMY4DVM1zZ29EUR1d5CTGxGUBSyb-FFah71JowbS6l45sHA9yYbTZ0ryYKBtxcqIJ9xvQ1IeC73RyKN4PGSGo9oTVIKLMIuPoXM_1kFEDIjJxyovKOk7EXy3BkXzmtYPqJxBAFNSTaXA5y51DXXQAup-l6jtrtt6elaXzmA77zVFG9ekpoQv-iduv2Rc5C7opl7uZSHGoiYaV1ZX-ECm1dxQRwT59tHmFQFOGObk9Tyen5AHhnUok0_RTdqSbVRjoi_zH_u2S8t3-mSOPXMAqdWfp5lThV3FRtQRpIayndIk8W41fkH422jyV6jqYufbapJcRy865iUrlLpBCH-qooTgy15yRPQ52i6betamwcWrs9KbaEK_GColzVDxSSPDEsdcEoCnMAghnuBTLQ2HybfMSvfSj9sO8nzS7don7N4dnFUCpDaGYyVj2_310tyB0LAGVVueMm2RybNY7fGq-piO9qgoX0J0vV9zr3uyhMltDgdbQmCgzH_mljuT_mblqLuSD2Q4Il7mZjyiSiU_PJ6ztKQy12JcLvY0QHEH3isdeSKj_xdiJPYjwD2jK1XYGdEZcos9ZZ5mS1WSXJlS--AgBDm9YClxDSG72tVZG2ErL-13KE5xtcu-CeZi6ZwfJevHsMiTAuG2wqOyz6eMcQRIrKvlkzSNUMSpmKCNc34hg1UPiqSFi4h8pLUR2xvazS8mbqsegvpkFQQEUj1SMTfrB71fjyEmxALEFrcNVcrfdQqmMlgKPpnhA2Psn9FVcThHGYHy3dWm5e5l9WYoH6HFxI4qBSVeEhk29G_VHCaQbjcB9x9Nc6Q-IrcGZh9zPOkA5j_Qotm0kd8jIjAL4TKJorzZ8qeC1g7pSu2duTM3JCzo6ahLzO66WyqV3RJTb0Ma0kekUYvGya3JabpAKZZmpiMd1KIerb-9_msG9TFtTh4tH5RjvCp2mcGBjra5kC6yOP9DJpkbUnpSIOwO6qn9nztg8y93pJrZHR1R2-WXVNDOsc3j9-9qxIEmqnFB4Sl_DVD7rzTiRrNJ3zwSpbj6V6FKQXkoG58_6wK_kYv6ysIxMg4msknS2pD7F5cPnOHwCDwAz-UYL6iTbIDpeszcqav05eyrzSYnZUV9v8IRadJE-yRGePbJPnT2vLxjPNcD4azt9h7a9-HlwBvvU85reOzW4AlP4lE2FCLHQgsQcOiYbznfK8UwNG2aPTRh5DzDOtgHhubScfSFPS6-s0TG1_49WMNEWxu7LVyXcPwcxTvii1i04n3_nsGM8qqEinzvukxJCGjdbifUB8QiHDElRFJ9tkxGHA6N3esUBqJn6OMFg949DpcR6ZejlZPRm6kg-W3zcfe9NFiwWXUTYXGqW_6-RbA937l1pIE9OorQPxapVjSiE97vlhuK_lPUazzPePsgxO7bV4xudMNMGVn0D5f4yuiX1Gc20kExH3_2BHLT6ToIM968dCBYzyvc0McX0577U_6ZqSd9bWZSZ7nN8DlXy9Jlyioev3pPM7gZIfHBaK_3ZPtFLdB7pk2ZasoCnla-PsJuxmX60eR9_0Mr0YnsvtSOZUEgQ5dM3oawcGSpbdtO9yTqTSzwG6iJ7_O4AoUILEmm0jlEaeceQEF6_Fuwh2VJakMkzGckIEgN-5lP8mZTtbmCwqfHU6AINzI16rnzQyjqMlIQ4ptRtLY9mXZLvFrxfg07x-zFIMidIe3MvBXvvBloUxXQaK5MSxrz1Wbka4tcJE9AETvb2B0-f8ttYEY3x-6ujFamN3G0Q4Dy_9HXIIevbzkvbQbzcMXdO-9l8bF0y9TifEWbYblasuL8vcYAwN4Ggpv-aMjr169z6_r9zHJp_mPr0BplgoA6gQo2vozyEHiEc86W94QlIeY1nGHt35PZ0p0W5qGsyEd16fNY-RVWmd2yU6yaGrcves7KVfvIsn0PV--n5qd4cqXH4xrHvivrymAiDnjaSsr8kISpeDjELXQ7ktZoT0L4cRpwXsm8CDlJho18SkCK2fZZNyc9Av3BmiFk5GjfgeaC7GoALQvFBsh5RmbYIDKnZ9bgOdq_gUlxMihW8casq55xXxDOtD5C3D7-7Mk7Kn9ywB_YYR1IEF-cgMBBjr6btJeSzgeHcOd0sQUF1qJiPmCNDuf2cI197mpaAj_CWIDPBRfgAWQVZeqMV_DwPLR5F_1LqGAeRV_-FnHJuZvWpCBVcc&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=2065509241962634800&adk=792902355&idt=121&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9a90fb11d79c9ad4ae5ddae484766bb0d8022e8c4591ba4bc1e427f0e0c5b60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42019
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ade409932065ae874e2286e7cd5bda59.gif
images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ade409932065ae874e2286e7cd5bda59.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e06a01ff863b19fff735f26c582b800ca396ec26df4fc6c8031a8f3caaa4c9af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/fl_lossy%2Cf_gif%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ade409932065ae874e2286e7cd5bda59.gif
age
4021
edge-cache-tag
410525681661481829585333891681888905716,614524799708851957906337891690524885031,29ecf9b93bbf306179626feeda1fab70
cache-tag
410525681661481829585333891681888905716,614524799708851957906337891690524885031,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT
expiration
expiry-date="Fri, 08 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
258449
x-backend-name
addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kiad7000157-IAD, cache-iad-kiad7000157-IAD, cache-fra-eddf8230021-FRA
last-modified
Tue, 08 Aug 2023 06:18:57 GMT
server
cloudinary
x-timer
S1698238572.855257,VS0,VE0
etag
"0b4015bb6ec93a2a51896ec93a40ae52"
vary
ImageFormat
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2044, 2
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9503094467259&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9503094467259&version=m202309260101&ct=77&x=1&cor=12028398269549883000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3DA1 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsVrADE1rtMuHODPxeFzAcKEbbF66WGWaM4T7EsfGYpmAQdmMA2DLsH-Czn1CNxm3ET3n1xkuLdiUWD-KelLSW6Sz-VHhMYyUdOby_9SVGaD_Nbmb_gVMH2kbAxPU9HNU2Ga7Jbh5oEoacS0-G6py0WiPTUUjHILBBzy5-PzMaMwxGFdU&cry=1&dbm_d=AKAmf-ByU9rqL8JvJGTw7l0rzVsiEYB0IsM8kYKqNiQ2xW45Kt08SbUiA95dy83FQ7i7DhMQrzcaNPj5iA0XpytKhA-j9CcUU75O248_ASQTKCuEIZe-t6SDoqt_ocI2OPyW7SQY1ocW7-WRZ_p_3drCTdBdega-yVK8rxhWpTYhZPk9YdRszSUdr7fALmy2TZL40RG_M9rUzR0k_2aYjzTKFkjtc7_U1R1RgZtxSQYK0h89lW6ysR_EUKffr1Y2Ncx3ti6nJJMMD2LJo-tcL5ZjGIoFFOwGJ1XT99B4OS6-3MXW63LuLgKpU8mW2s73-ytS89a2fkMofDXmXQFAluje8xsvRmuzvCFEPNj8FYdel6YY2SOrwrftGTNEFFmWLYLjh_3bpG6g0d0kHUf4wrZH1yCtCwP52WO47Gd0NKEYpDwRspj3cPCB2E1SX0IrICZAlMw2cDxa8BmL85oV9A5WfeAgrqqonHBlC-jAP9kRy6E8NBvn0_yhj2_ctTaqMhJWcV-ABpFLPpN3KL21qfY5WWTpo_lRwi-c0KVQ9WF_-qFqtDALnDqx26Ai1t9HZh3NWAD65_EiK7DdmxaKsQThldQfrw8GCTQw5h0rUweUKLMkZN3fM1_g_A08W6aLpqp_NhG8usQOtgv58Lbs0kvpNK2KVrUq9xDU5pGIzK-XDbCZBbPwuu394L0E2uKqh28de9ANfFx-aPO8Wp0UfdAzy23XECoFxMfMMgynwJQd1Llk2bhmqTZyTf52jK_imTc5EKxg8Z_Fu6EOmNqkVvNxNi64jMQtS4Dn9Cqf3-Zjx-n5YEDeVlp0O_UHdF8Xno-zLFWPpInwG27At160lJdRiaeqoKmqrwbOiuCcWehEZH2bHWIuPeZ7b5ekCo9DDx3XHrzaAlrbxWlYPKvD4xTlrOE-Y-xZFgvhLaTB9pf_GP433MOYX_gATMYFq8Zd2KVfafrSfhQFJ0w9KWRKYy-hjwtdeBsfbaeCHPddw9ZSnI_7rbf-MFY_CSbnoia-haCRxTMfsXJO3TbG4I98kaF_E13NUv9w5D25WQ1p-6QUCT6c_HicmoRhB1qHoBSk6hghBMeaqXkzHpGs0WtsmfaOEF-lTWUtu6lxQU4ABD4hADFlilj8K2Q1Cmu7j9_SU6oDrV2EZN2Ii6uK1gTPLYfcsaVG4yVmiMl7rWSAnyg_jL99Z7wqPbMoq-MJxYpLSW4-uLJvFBSPt-pMAEZkMpiuaq2UFEvD75PQfZ-215KQGAie4g93yHynOO1VZwwTz1C1catj-5Y9nG7khWNedIYIU0vNizAn8kOQ_KjcEXRl6exH7df7OcXnmiQWjhHR6rLeotq3bnJie5cUEYmsfTXdMWefUxirziB70O7stW5hMF4_tfQUp9oc4R4JkZ3fkf4tyl1hLVmsFNOKsL0bh3fej9JILW9Yo69X5Tm3Jt67wkJRFzlAN12_n4TEG4Yewd45VAUxnb0grRzUKwooQoaoy5PrEkJoDgbeC7zaN0_8opfZGqmeHJEdOrI79_2khT34Z4i5PhMNRighNY5fNh7PIbiyqqsEQChlG8fVUgM9Mqh2zvXiGmjRIfvZnbcF_QmNdDWNQZA0jy-Ggx3OJHhOpSb-kB7fBD1_58XAPnPi8QC5-K6XITkOiJnfvZbkOI2fSkp2Rgj-FS2vUWmcGBOWnDtBaHjpD6GqwrFxjXkYa1ydc8UT1Vw_qhCF16_TSVNUurWUtDHNe6m0rS_U6jCeirFRYY3yUAqe_M9r9Xhz5ZNXuwup4OK85XviySgX9IUeBsKzFCaQS-AddpVORFZ5naliGX_bnHw13Tx5Q1DOvR6So807qcf06WCCt0Yik_XsPtMffcm91cwL_CIWqFRaLPVvwz38WTh5h2hBbWOU3vFjhA7J1bJJ3Za9_TA57EKlLVZoFR4TI7aGRoWqW-9JwgKnn-ck-Iu6473hp1px8XA14DJ_NetfM2WyjJM5_yTjX5yxHMsHetejyGWP0pdhxORlor22277ks5y1m4BiPTXiQP5XrVsU-wqA8Bc0ni1EnduADJQc32l3M9VMRTRA7iUrIwIKCTfAUCnzF1kEb2jptGVs_a2uV2meqEqPxLRCtr2N4VDAkKFaOTynfcNGlEOOaI2a6741Jwm_ZVUtm2K-CDgsLpVvdAcmD8oMIB_agAEqsOFOy7RsReTOY4h0jNvMmIPHpadDtFpztKbV7VFxtIFvzjJ9ufxstFYZuxQFm0VbIEEbtoHC4NPnepVESkPxD_FWJnSuvPpnEdtbj45TycTgvGQs59vG74s8DmdjyFSyFo98cTjBvZP-30ma6fkJeEOX_ldYjutNWvYkSf1HVG2omCV9iCL9BL43ZWocPhhWlFN0nQ8O1SsWnuIpeatT8pWI30gGFEQGHMUhzq7ThClp973n9oX-bCpiOoyJaiRltn6CLnIs5w414z8fXMDKAk6o2hhynh0Av2GS6vbrmghdG6CnciXh3lKTyvY53iVgI9gKZTRzv3BMLMB2DaT-MSQ6xyecNFMqYZybV0ebS-3OiiyU0d2BgnFtg9kMszrSO45h5ElIIsqiw7szBWjprdTk-yX5BPwdKq32rtuZcIS6suJGCN3zfo-otVwZSeigssOf_fbXYWe1sAvnWB1nDk4bRcxYZiLZNdMWqvpZWj-ESTWtavD21NSsxwCFPJAJJP4UV8Xm0s10N6bG4UwD6oRoEKgG3pFtVWsoF0tRczESGdoP8vJQZ_hWl68Oo947gqu4AfnWShBc3LJzLrH-_U5Sq5_sch-lmofB4LCslCAHXdGZWNeEEJIWI9666aBiN8s52tlkFzoJx0NiqafnEOHS9B-QrI6ehL9BrDP22UCTzG1Y-CJPgZEK32qMjLlaye_JkWlxMAKoYBqVtL6i375htLdl4ZK8GDNFiFLitwcZ0Z9S1wSNp4Kn93OEld2vDxZuTDL2mXj5K-CuKd7GiOeTyGf8qSGK5QpO-zv9dPnSdVmJJV6of67LKt6A5khszlr8HXzGKrSvPF-MrYC-eXkzPfFttXNKOBgNaX8xRpySx_qXnduJ_PhogkizxsbB1_0sr4a8Vw0mBB9oDsSguy14Xh9ln7gvesYC1QmYRe6tr1X8rupgBJ-c0URpICmGlxIqJ8wylh9HHvcj2Dzchi4Ac3eN7ADLqbSZzg2QvsIUo0QVKV4U3ODy6qA0LwWe-9sUXW4BLpNhPOojmDvj7IKLdx99MGOZM9kDd2m735LE2tZLpLVQwfTqpNfDDgd3xmqdBoI_46jKjQNc9xgE4r0nl8obJSS-6scp3qxeSRHIaZFpaaeADkRzO9FEaJ6YNntv3PjkanHiuI90Wy5RySv0Hq2WrzbqoF3d7m6J0zvxAnDxwJikN3uGE5Q1J_8aZTlYHJXhddARnCuah2cZLyy0oIJveprPVWpV06BEAZuwDRICu_trbTvJ-RxJCrVRFxgXU5ese1uZM_LUN5D2NiWS-mvnyovBWjW76DQtdQf669-tVmN1mpCEhxBOwKbm7QJ_MorPDSqp8Gmkc9fzfZyjV5dKcFBFBYFl4TwclT-LArVRobDBb_gelWqIhqAedxcUqbXRbVP26GK_uoDa2iMCC0v1xQE4FpD83bi_C2KIDxPipp_9PV09qQMAd58gDZSFYPjrP3uNbvVoLPCDTMCNoJcPwliurRgsiPQEd_ipoYErukdteN1Hk3EouaDA046pI3ibRZaYZOQjEuGSYjDCDBI-UmYd-qNrS_-eOJBVTZF0VIZDjt-06VRdSxvycMeiGlFXATDHd8DRFrl-8d4PaJ77wDkmg0rd-vaaprO8MAfc0yCKOKqZVzNOlfcZ5C68YcfjYEgPja9mNvVY12bhnYkA35I6mIk4hQlWESIbeAJgOvVt2C58fr30GZSkPCnKe7d6vkiaUFc9uvqHyHgAYbut3-ITJidJZXC5Sju4WEfqo_FbyQ4-1hGfexLVGsmTBfhkj-DIiCvt1lPVPlkPvCEkJCmKOLjdwA-5witpI-p1zo5q6Zpv222Oa1vLbywYrwc3Po8fzSuR5NcuNvyYgFLJXzEBLdqm2FssLOKDmZIibBrF7ygqi6odVTpUtybJU2ESBMIIo4SGtcwiApgIKH7EGQidhl5qGA5Q6iaJCaIAcVYvkPFHHkJ0_WCT7aVnSrvSu3h6gigeiYa7KXgx9UYAR8TScVo18KHSfaySKoP6StroGAIiWsQ-bekF0lLgl1xoazMDYANEA465kv3feaba9d7L8vFiugCZV-KDlZngKFhvd52TjwPF0a2QOGfU&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=12028398269549883000&adk=3661671305&idt=192&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8722ada450607b505db1eb8c53af912e4a931e48f436594bdd5cfa7ee9e565da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12095
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=784066131419&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=784066131419&version=m202309260101&ct=77&x=1&cor=8267670395138575000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2ED2 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpoHsgYtZN0u-zAiRVWk_KRpZ8Gt6IGRwYeQUDoUCg0C19kuN69EfBUePqDO9FcH5Jq7W4p-D0-5GVtbZDp4wzgvL5z56jnmP9sbXraWPrLjR4fsvsWO-xiymvGZ9JIjFsUf8ySPzD5wC91Fepe7mcL1Mj3u1oawsQtkoPLrE5e3d_vJ8&cry=1&dbm_d=AKAmf-D1cVZtThx8DGaP68AniUjFoxzbrdFEUEN3gaCPVjjZRV0Ik0_mzssw3INDvYLBm3rGiEhhWOANUG7mPdD_78WL1FXKWCQOD2NFZ8KoOPbACqrP9F312vzB0mRlYGFWQeUE6v4QIyS6yGMebyW_fAzchGblkyeISpt2qy1JTDyZgBqCLTeL3oSTuag337yu4z-Pp2omsB0iIe78HaCVQudoCn0AbNXVNYJR4phgGgvyk6rYPxiKkBhgsfsecAwdkmpg0TJBkIgHqM6Rp7AvbH2X-pmSIBpYM0v03_qX_NTXAmvW7ykqanGqWtumoL4H6G02XzNt_9kzPyxCfdFtaPxVjc5503xlPZk3CRkJiS_2_Zo7nZDknYDnCeFeL6v1ez8moriUfbBF1aEA1m_1wztTvYikXXTuZW7-DWyUxbtl45bEcsJlJPmqeRlTTmjdYynYxo9OVZqjKuYRFAPKEm9ArLUjh308k3n-YYgagSc7bgvToxnNe7uGOrvJSbA4Ax7VgyKPVsterw0hc8tv5HRmbUSB0ezLFJkAhACKzhjHhV6PQctopUwz40Mldd0ss6P3Mwn8qfqSpteugaIhDB1oYiXJYcAZ9ICxW4ZMCkW3N107Fb9zVjLCSG0q7LvT1Ch8rnb6o_3Ht_bT8caAhYhwp967QNetLBzeATWuYCHljbcfn0hV96IYGDHrRpaAwoG38f8LgeNXrr3RQMtCy4KPVr1vmWtIPijxs6IId9DuRhrp3vsFzKi9lNvKRZrvR1aUomB6Hr-GU8nd36K1H5qdWtdf9USO5-QHkB0driIFa5QCLVGYvuRM9_AyHpMT_1Q39ICpFQbeqjd364dAaHsnpVEyyLVGSeQ0lhjOI9t4YcM0O-7c8q1rSQn_Vvn2eSjJ4a4yYhSPzTWPb0eCXOoPMCX48TPr3nAyWm2_XxOTqPOM2bgezS-FT_MWDrvTHh-QIKa4rpA4foq_qD1flk7ImsN9eaCOdFe4R-sk7fA40pK3CkK7u0XF_gPu2EJN94yTJhzdDrwtaEhTF9OPhzkd3gwvLUhSd4wuP1w0GYDJ21MPy5sZR47TM2Q9oN88IvaBsBFFxhtkGOSCCp706l9wlnNsbt7zXK7gHL5fHhVY1mIuwKaT22mW764gyCVo4e5sdwuBXNzGKIktUHoNliqvRIRT70TTENcSNYI2yigomVvc4cR8-7IpCLJFftAT_O7S6eRjG9DzZc17tmLs_FlseUs6y9iZo0S2XDoCQoS6gfX4uxKLfdxG4EXYTY06PNxFnVndF0beG1_7YrYI51omOThbqa0A6HwWv1wGajO81Ia9YlK-9RTITJd7Ve8tXzXW3k_YeHvJ3WlNLaJ8TV00Unc7-_Jr4COKZAlmrvWROx7TdtN0yzq_L43jrNY8niZY6SReWLhJcd79yMDvRS3UmpD9tG7xPf9B6stFky8CxSG5kNBUd72qsYkD2pGv2L8rGjvo8wCbhv5luZ_IecNZSo2hTRsmMnJpEO2ju7Q8hIjeNWBhaEhkOVeHodIpKGcDBWsq9NQyxvkCaRI-_X2rkik6OS3ivlvzF5PY9F-SdJUsbXEeQyO8nNmoAvV70nSKmd5Yv8rKltk7oLXhjYoXvFMOqY1Yohli46u7os3IGKC8Dy4jy-ZJkfqgf02yoCWd9y5stI1yCRuE3v8m0XHP5_96etXqLlnOsJ9JXwtw6vQcMrFwBUqQka8zPz7J5c4jLKJW4In_QOlo8M-Hg7czpOHI_A_WVoejyWCZhQf_Rmp9YfsCwOGUkJ-7nZbs-ODyV2V_M-T_neuRjwkR2BBUFwy3LLm-un9OJEHwtWjhhxGUSaSdkd6fAOlxaY2oxhv_j35Pg6IF3q1XVdeacEPiJsK9QIW6lSwDtvfGAQBPstL6ckCG7JFwH0PZXv9q8Qv3KDiVRqH35xNV6XACcA7EBV6bWGUmtpS9nq4nwjmJIwRUOTTA1FLm_na6pMugw02BjHeB5kKZmc0FXtGTE3Ri2y2q_7Z2J3VyrSifKbwHj-TOWzg-M84DzSjgaKz2f1HMgIJivHEooI5HqodHzzczYvQ4H3uJtaOyPogx2N68UCP2MaQRhrxQooz-s7Diw6FyiCmhSy_B395qwYprHyvn3St0nKpMco5EOWWfhGE3_8-l_Y24jU6P1zUtGwslReh6hRIl844vJhqlnYNSXrc-rQbsqCm_iYrgMLhdDj-Ik_-S3CzSeWZXTPjlBcg9MhLiZ0-iiSB3XA3R00-ZOjMKFF1gq20ct7BfAJBHKDTYbSuk0wm192_HjYOjzaiFeti4lyABOYkVlMEl0136IiEVNRwBAUWbbpoDnDbImgaBSAiKpOPmYtTjCEyoOWaNlyo2nLN6v8HCieM2RKKUmdTiTpjFCu229JnRvB0SNEjV4bDIDZdpUrp735pF8YC0YFRqmH9yiRL1B2usaFqYCafcYoBfAmXIGPL2OzbJ2n2NnzAHXO68toyl4F5I1LV_4We0OTSJMVKWbI7TH7L_rKQvWzcQtb5fR0egH2VwftByuYimn37-nUXtSpNwtRLNOLfU-5aWg6DqYfNbt98I67FPIjUNRQE5A5FhR6czynVDftoMhicR0CK-jb1loaS7P_ZV4qJL5Z1k505MckaA5K4D26HtRrQRMgxBdGZu_TVxw1zq9byZRsRh0l8Hk82RE4rUMCwoKp-LwGE3is6krzNzC2CIFlzZdTiospthXzUYqll-t4NWo_-aqQZAJWThG8EVKJPyjUjJkLdAhLBtOsOiNHyMCN5qrr9m_KFrE-j_0lFsBwItxYtJmFe5Q0rVmZ2UeB7ljZkdVm3uhlCGcK0RlRoDTZfz_8aOLU_aygJ-DvZbv170lD3jIaXJ0YSCaQBvGdBlW3e55Jclx9K3lw_46dUauILZDMqKxnHz96RaphpcqB-6WG-RifgGKolglIQqx0ulSbOe7zvzD6R0k5_7yw6fqd-EuTAor3Zp1u6MV_N2t5sMVFt0NiViUMc8wDUcuInu0dFeIMBikWVwLhPhf_NCBkKziLTBkqXtmSzN__JBivTKzbuPrv3ZWQkqu95wauk721blqWVeRL8TT0YaEkdwvuyxKYaj8rMVoJ3BZDTQo4cZTrihgS-UsfdRvxcPVBEMRL10ltdCz5Og0ieeLnbdYlDSmKkUnUAdFQ2pF8GV8_qVXo3Hza3hgVfmA7iFPmoUoYleuJI49_yQReRQPTX73obRnwYnuOt_kCzr5zD8bnTxjQUixdwR9Z0d_2VAG1KBsohPHmeYhyhJJdBBzJGrQFcVI_EbdRxAJAKefSBmsXlevDddPzUERq0_xFLPu27lH6tKiH3litN49SYZKtfwuWsfemqYZxasJHkUfXydjdgxrNKSGSfYajKAVjmLn1Veo7ajN-Zah_T-SwZRNOQSrjHQE1coFSHpb_ciAm3ab1lJW4HmR-ltvlTUdJ7vTZ42Tcteczm50I_gQTsrisJFzNpb9ZvYzcLWMdf6dBcuxknRwcEsPo46fM9VwD83XmTU8EdPwGNTmJIGK0T3yp8KjrUiYidBtoQhhoYNCokQwSqj4-unHPG4a4RpL2CRE9qJ7L75dGui6goT-cBztOa52XuBIMibADLE70AoLE0sb2gFKuv4cQSmjSwKXspucssFZN5ZXSAlmDTCLmZIiGHElVW-T6sDUeNo_FKLPbe6a9gVOSUaRFrocIlr1gB2poGbiV4LtM6xV5GxIAmX0HLFkzHdmmBBoYMLYWJxGL2aPp5DTl4TsL6VnHo6LJ7Bboq7HyNuJijp09wGbRtM40os2qXZgROVgM1vZeiNSKjS3JpoPiMemwOEqYAKA1uCD-naU6xAcFU4AHMy96S20VCgqMnEFr6WAlQINbIuQn-leX3LbXTOkXoZi8vUaq0IYZKkIZ31S0eOgo2Vh6jDuQkUEBwMNoMi7MWd2OTuBKkKLv3PHz91Ms0r1n_r2epnv-IoJF6Feg4icNt7KooXldKWw2VnNLmeeo-YjN-2eSgJFp01YVNvieUUlL-I7g3ey2fShZF4F3dqcKVUJyhYt1RFrHkcMpkf1uTr71fU7bP5dmAPEjGNhMuyBoQ4c1cXJ9sqQD-0iz7UXGB4UHHPJzuRd9zCsvdalJbzMy82zvGpIt-ijWWDD__WqjPy5d3wV2fjFRe6qDAM_kIsYg5PqyadIq0MXyNE30mKkxDcdZokf5RQpCkOTEVPcm2CbwCi0VsK2EclcnyPR24EN6fTk_9rEXxkgA4f7hIRSx-npCms3o_qfBAWsv28wkcpzNVY0IJ4&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=8267670395138575000&adk=496764934&idt=125&cac=0&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fda5a8614b80b9cba81b453b220c0669749064ace87b6b2e4d675631ed0099c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12214
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
83376f2809752cdd34ecbc0815e3f8b6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83376f2809752cdd34ecbc0815e3f8b6.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fb817e37184d03003484ba326a1bf5b9a030187d8cdb96bc00a6b139a67cb4db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/83376f2809752cdd34ecbc0815e3f8b6.png
age
1833513
edge-cache-tag
575590346740773752554804482526820609317,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
575590346740773752554804482526820609317,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
165
expiration
expiry-date="Sun, 01 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.reviersport.de/
content-length
11948
x-backend-name
CH_nlb804
x-served-by
cache-iad-kcgs7200051-IAD, cache-iad-kjyo7100062-IAD, cache-iad-kiad7000069-IAD, cache-fra-eddf8230021-FRA
last-modified
Thu, 31 Aug 2023 14:04:15 GMT
server
nginx
surrogate-reporting
width=240,height=134,owidth=1000,oheight=600,obytes=1136941
x-timer
S1698238572.907790,VS0,VE0
etag
"5f077b48f24b66122b7165baa38c8cae"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 36, 2
a69654528a66399de924f122473d8f02.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a69654528a66399de924f122473d8f02.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
762eb5f116e45d61febb9d50833a12f46d6b4a8f55d11632e0216e8e9c756c80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a69654528a66399de924f122473d8f02.png
age
2341067
edge-cache-tag
374987358472160904801905375603795196288,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
374987358472160904801905375603795196288,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
35
expiration
expiry-date="Thu, 28 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
8858
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100163-IAD, cache-iad-kjyo7100097-IAD, cache-iad-kjyo7100069-IAD, cache-fra-eddf8230021-FRA
last-modified
Mon, 28 Aug 2023 15:47:51 GMT
server
nginx
surrogate-reporting
width=360,height=240,owidth=1456,oheight=816,obytes=1065142
x-timer
S1698238572.908055,VS0,VE0
etag
"13770456901f7bf3426f6e864665013a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 159, 2
5619e65610ea963f492adc2fa491dba5.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5619e65610ea963f492adc2fa491dba5.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b37204b03ea6e49d045e6b7cf7d63ffe8e7c7546c0198c079e8447207ae7c25a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5619e65610ea963f492adc2fa491dba5.jpeg
age
1923411
edge-cache-tag
418422803756905994080594808344048590378,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
cache-tag
418422803756905994080594808344048590378,613570411217116831189459287628353010494,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
96
req-referer
https://www.heizsparer.de/heizung/heizkorper/fussbodenheizung/fussbodenheizung-vorlauftemperatur
content-length
9712
x-request-id
7a7966f886ec4e87772b0900e67bc659
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100055-IAD, cache-iad-kiad7000096-IAD, cache-iad-kiad7000052-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 20 Sep 2023 12:47:32 GMT
server
nginx
surrogate-reporting
width=600,height=400,bytes=23351,owidth=600,oheight=400,obytes=23458
x-timer
S1698238572.908090,VS0,VE0
etag
"a69ad77e0b3f008c30f1763f51752863"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 2
e9e093258dbe8a4b9d19a67d04b5579a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9e093258dbe8a4b9d19a67d04b5579a.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eede9245970d735974ed35d0a0277697e88e9c61501c92a0c321c047f5f73596

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e9e093258dbe8a4b9d19a67d04b5579a.png
age
568446
edge-cache-tag
569286094237265361339446966550820136490,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
569286094237265361339446966550820136490,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://www.tichyseinblick.de/kolumnen/aus-aller-welt/israel-im-kriegszustand/
content-length
10382
x-request-id
374d195e416c88c37de229c8d2bb8fb7
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100076-IAD, cache-iad-kjyo7100147-IAD, cache-sna10740-LGB, cache-iad-kiad7000020-IAD, cache-fra-eddf8230021-FRA
last-modified
Fri, 06 Oct 2023 07:43:32 GMT
server
nginx
surrogate-reporting
width=360,height=240,bytes=14912,owidth=1000,oheight=600,obytes=699982
x-timer
S1698238572.908784,VS0,VE0
etag
"43802d26e18ccb1206e67e28d78efe05"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c44ffc6fd468ec88d421a3c6c581263ba38e93702ca14a7aaf32edebfc5a71e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_134%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/903c9957-cdbc-4301-9a22-fb8e6671f90e__X2MBXup8.jpg
age
2053183
edge-cache-tag
392738696118879087880244372989716533787,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
cache-tag
392738696118879087880244372989716533787,536820510747737614437872821064171510454,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
80
req-referer
https://www.zahav.ru/
content-length
13844
x-request-id
c8544cfcfcc1573926040e79ddf80c33
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000158-IAD, cache-iad-kiad7000134-IAD, cache-iad-kjyo7100095-IAD, cache-fra-eddf8230021-FRA
last-modified
Fri, 22 Sep 2023 05:53:22 GMT
server
nginx
surrogate-reporting
width=240,height=134,bytes=20027,owidth=1694,oheight=998,obytes=290525
x-timer
S1698238572.908361,VS0,VE0
etag
"15e4fbf1824aacea61b878689053fac1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 10, 2
pixel
cm.g.doubleclick.net/ Frame 74C8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_push=AXcoOmTNtRD80cv7oYoRZ2Xi0cSfRpMJM3cmcbrVENPTo0P6he9RQT5AbH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_push=AXcoOmTNtRD80cv7oYoRZ2Xi0cSfRpMJM3cmcbrVENPTo0P6he9RQT5AbHUD-7PxVcPRHIRWTwpiiWPmM80JX53b1UByWgQd_Ac
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230066-FRA
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1698238572.993893,VS0,VE99
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_push=AXcoOmTNtRD80cv7oYoRZ2Xi0cSfRpMJM3cmcbrVENPTo0P6he9RQT5AbHUD-7PxVcPRHIRWTwpiiWPmM80JX53b1UByWgQd_Ac
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 74C8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFL4zcU3ZjMTlx5y5_EEnno&google_cver=1&google_push=AXcoOmRggk00Aa23Av1n-W8do1IdMRdMyeKwky0mqUHTwkcl0D0s9sWLIyTYj3EGK-vvAudRPqFBMzCnl6zHJtrc9oqxCwpL3a8
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmRggk00Aa23Av1n-W8do1IdMRdMyeKwky0mqUHTwkcl0D0s9sWLIyTYj3EGK-vvAudRPqFBMzCnl6zHJtr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmRggk00Aa23Av1n-W8do1IdMRdMyeKwky0mqUHTwkcl0D0s9sWLIyTYj3EGK-vvAudRPqFBMzCnl6zHJtrc9oqxCwpL3a8
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmRggk00Aa23Av1n-W8do1IdMRdMyeKwky0mqUHTwkcl0D0s9sWLIyTYj3EGK-vvAudRPqFBMzCnl6zHJtrc9oqxCwpL3a8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 24 Oct 2023 12:56:11 GMT
pixel
cm.g.doubleclick.net/ Frame 74C8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsrr4kYNLNhlhJcAG82Blc&google_cver=1&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGwWd4Gt...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEsrr4kYNLNhlhJcAG82Blc&google_cver=1&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGw...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGwWd4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGwWd4GtVaROnEZ5QQv8TK6Yxw
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmRnpbyRKcJGViodgiCbE0W-bLhXTgAbADNhaZ4Yqox6_NpGUGkxmh0zJTmXVX0qFcMtQGwWd4GtVaROnEZ5QQv8TK6Yxw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 74C8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGNgEqrkB64bbf9_bzxSyF8&google_cver=1&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn2cmnmxrwayVwiAkDQZQpfDGuz3UYuK2SS5hYPebavQk
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn2cmnmxrwayVwiAkDQZQpfDGuz3UYuK2SS5hYPebavQk...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn2cmnmxrwayVwiAkDQZQpfDGuz3UYuK2SS5hYPebavQk
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmSnGTrKh8A45LELiOnpZHFjMDldYU3euFiHSlSKc_7aX6B22LZn2cmnmxrwayVwiAkDQZQpfDGuz3UYuK2SS5hYPebavQk
date
Wed, 25 Oct 2023 12:56:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 74C8 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEDWWjCdkTuHtU124GrgieY&google_cver=1&google_push=AXcoOmT0nFyFjL28_sDDn99jyfitVP5af_YPCv3Jb80nSTKO4LXGBo52jgT3W0IojlPcXD3nZx9c7T45tkPmxLrd2ftxl6xekIg
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 74C8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQZr2vrbwSKf...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQZr2vrbwSKfwFxDJpAT7wTo_IOF9m9bHgHJs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQZr2vrbwSKfwFxDJpAT7wTo_IOF9m9bHgHJs0OwypnmJSItw5cw9yHA6S4PB48WrGzTScBnonFJ52VxhRYknG2JsOkKznj
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
an-x-request-uuid
e4f2a869-877e-462e-b1d5-fc0c96dc9d66
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQZr2vrbwSKfwFxDJpAT7wTo_IOF9m9bHgHJs0OwypnmJSItw5cw9yHA6S4PB48WrGzTScBnonFJ52VxhRYknG2JsOkKznj
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 74C8 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEDRsPXb3pUUOalOEaywWEiE&google_cver=1&google_push=AXcoOmTles8izVuj_gWvpelSmjnr94nYSmAqXg5PMh1oB5Eleuw8842NTvDWHjuIVu5TomPvwEAtuamRX8QpoKvP7ErofBFxN79C
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.144.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-144-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 74C8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzCpmGmX8RTuHt3iSn4QX16mtr6J3bBGqmoqPw3iQ5_b0nw4UxmomkzRS_5PdujowuoBlsG-M
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C3D1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:28:37 GMT
expires
Thu, 24 Oct 2024 12:28:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8CD4 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
60d418a4677b872e2e2d232e0968bc8bbfed66c1530b12071cd69922cc93874c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N6npflQH93Sad29_5pYJVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-N6npflQH93Sad29_5pYJVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:11 GMT
expires
Wed, 25 Oct 2023 12:56:11 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
dpixel
cms.quantserve.com/ Frame 4877 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN8qlkTTk9qxVzF8wQclhOI&google_cver=1&google_push=AXcoOmSTYR5Ckf7J01g2H1q9JAdvA4a0gusWhP_mFMHREhT5afdk6oA7mY7_BhnfObxObW2RqfpibTVOueRp9YsKBvg9SHHRt5LQ
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4877
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lIZ3Y4RUYxUVZEcUk1&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&google_cver=1&google_push=AXcoOmTtwUdVSdeHhXVdP2Y-4iLS0eo-o7aBB92j_MZJpDG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lIZ3Y4RUYxUVZEcUk1&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&google_cver=1&google_push=AXcoOmTtwUdVSdeHhXVdP2Y-4iLS0eo-o7aBB92j_MZJpDGwEgCe-G6De4v6eEuBYX-_kI2Zkg0Dhk2WQAcAakhAGOOD6kIFS1w
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:11 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=U0lIZ3Y4RUYxUVZEcUk1&google_gid=CAESEOLpC51dJmikZHNNnZkatKE&google_cver=1&google_push=AXcoOmTtwUdVSdeHhXVdP2Y-4iLS0eo-o7aBB92j_MZJpDGwEgCe-G6De4v6eEuBYX-_kI2Zkg0Dhk2WQAcAakhAGOOD6kIFS1w
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4877
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEG5m-v53akF8UeYjXdOcvAY&google_cver=1&google_push=AXcoOmTW-5Yak14dnOUsMidMX-eVVam_jGcyi7Ip8xt0vX0l830Am-twIGK8wNeJXva6sv8LFolL7P1...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEG5m-v53akF8UeYjXdOcvAY&google_cver=1&google_push=AXcoOmTW-5Yak14dnOUsMidMX-eVVam_jGcyi7Ip8xt0vX0l830Am-twIGK8wNeJXva6s...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=eX8eibJzTzyCMnJCapjDg2U5EGw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=eX8eibJzTzyCMnJCapjDg2U5EGw
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=eX8eibJzTzyCMnJCapjDg2U5EGw
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4877 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESELuNm5K5PZfrBS5w9v-7n-8&google_cver=1&google_push=AXcoOmSNDvrdoC1z-ZEmxGSVhaNSTufZuwyh08YCrJED1rV593W5OhGzUNLWmyPoWycQk8uDi5g6hd7rG7V8f40vp74CJQjRyfsF
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync
ssbsync.smartadserver.com/api/ Frame 4877 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEEDWWjCdkTuHtU124GrgieY&google_cver=1&google_push=AXcoOmStLDhw4bBTHelhrtgLaaTNWWCWkoq_dE7y7adgmHYgb2Ou25A9y0VIs-6fDs62S8n6qsBc1rlqSvgEB6OCZkjNVeJaUM4l
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.109 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
content-length
0
/
onetag-sys.com/match/ Frame 4877
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEEEHkjGJhGgz67JGTInmisQ&google_cver=1&google_push=AXcoOmTPy3dko4sOIOAp0eEOj0uw2rcflJFhY42n4XB65pn49Cwyd6QCzgAfeeXp1xXgAATcx1la6HNOAVj...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTPy3dko4sOIOAp0eEOj0uw2rcflJFhY42n4XB65pn49Cwyd6QCzgAfeeXp1xXgAATcx1la6HNOAVjkBEvPSW84W-y7amkW9Q
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4877
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTTLRQ-Pw8DrU5MPuRKsy5nkULGg_MpYkSS9EKFr_IqCGz9I3ehLj3BZoxGDXXNblDU2h8x_J3aPfdF6vm8T5icQJ58fWl3ew&gdpr=${GDPR}
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTTLRQ-Pw8DrU5MPuRKsy5nkULGg_MpYkSS9EKFr_IqCGz9I3ehLj3BZoxGDXXNblDU2h8x_J3aPfdF6vm8T5icQJ58fWl3ew&gdpr=${GDPR}
date
Wed, 25 Oct 2023 12:56:12 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4877 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KAKBVj_XebSbYLMaEQH7S-V4g1pElnD9PP3KPZR2VKmC1WKeVTA5pD9iHT3IH0_RbF5dv5LBU
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
eyJpdSI6IjRjMjhiM2YyYzgzMWM4ZDg3ZWUyZmZjMWZmM2ZkOWExZjJjM2Q1NTI1YmY1NTliN2JiMGI3NDVjZDRkM2UxYjMiLCJ3IjoxMDAwLCJoIjo2NjYsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjRjMjhiM2YyYzgzMWM4ZDg3ZWUyZmZjMWZmM2ZkOWExZjJjM2Q1NTI1YmY1NTliN2JiMGI3NDVjZDRkM2UxYjMiLCJ3IjoxMDAwLCJoIjo2NjYsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6bebb8dc1c07e226dfa85182754a8d2720f1e55fcae6c2356b8321c8b95b91ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.outbrainimg.com/transform/v3/eyJpdSI6IjRjMjhiM2YyYzgzMWM4ZDg3ZWUyZmZjMWZmM2ZkOWExZjJjM2Q1NTI1YmY1NTliN2JiMGI3NDVjZDRkM2UxYjMiLCJ3IjoxMDAwLCJoIjo2NjYsImQiOjEuMCwiY3MiOjAsImYiOjB9.jpg
age
3784178
edge-cache-tag
616800380921384694830320443410576985546,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
616800380921384694830320443410576985546,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
65
req-referer
https://www.eluniversal.com.mx/
content-length
12334
x-request-id
f56f9805beb03b56b2788e26ab84c234
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000039-IAD, cache-iad-kjyo7100149-IAD, cache-sna10738-LGB, cache-iad-kiad7000137-IAD, cache-fra-eddf8230021-FRA
last-modified
Sat, 26 Aug 2023 20:56:55 GMT
server
nginx
surrogate-reporting
width=360,height=240,owidth=1000,oheight=666,obytes=500709
x-timer
S1698238572.994926,VS0,VE0
etag
"adde6444f94c5f51989d18d08590954e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 41, 2
3051149-46.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/5/1/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/5/1/3051149-46.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2a8f6319779780a67a4849b478e1066f7c6464bae51c711548e80f8eab7ef9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:11 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_240%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.wcdn.co.il/f_auto%2Cq_auto%2Cw_1200%2Ct_54/3/0/5/1/3051149-46.jpg
age
1115704
edge-cache-tag
534985371119943635316950930281097279237,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
cache-tag
534985371119943635316950930281097279237,591629115298843029277391227329535378344,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
920
req-referer
https://www.zahav.ru/
content-length
10160
x-request-id
5be12fcf1ab6b4781381743b4d9e72b3
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000119-IAD, cache-iad-kiad7000176-IAD, cache-sna10728-LGB, cache-iad-kcgs7200043-IAD, cache-fra-eddf8230021-FRA
last-modified
Sun, 24 Sep 2023 03:55:24 GMT
server
nginx
surrogate-reporting
width=360,height=240,bytes=13756,owidth=1200,oheight=674,obytes=48938
x-timer
S1698238572.994924,VS0,VE0
etag
"d187dedb1dff67ceb706381129e17592"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
privacy_small.svg
static.criteo.net/flash/icon/ Frame 54AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 54AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 54AD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 19 Oct 2024 12:56:12 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 54AD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 19 Oct 2024 12:56:12 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 54AD 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=VYnCRhGUtws4QqUwkh2li5mERuX2lD7Y8YZo1dj43g0M5t1KJE9H4EWOAFzkUJdOGvu2I1q5gjDGneF718UziTh1yTxeFiV1lHp-_m5-yIdOnUi7OVAy4CCcJadAsjEKa646fwkEAik0ubJIG26q-SuZqa42MhQDzGtSNsJAmrTm6v1DQbtnP2FlMXzXZ4-W8ypsiLZW4OkzsgO_b62G3Z4pzPlOsMI4yNjXoOGbLx4ucIABMLwKMdJepOoPbZifkKcMQPQijU8px9gZaj3J2Sky_kFwcsxDau-h0UrOiw7QYjZtKlkSLHT8-ckVZRRFBlxeGgXkHRYwgSsz4zFRdfnK4mH9VvPhl6iXIWWe2s1DqLPdDpjIsIx_NJ-vwy5DC56tmcklLdm76eV88qDiCGSxByS5abK8aEcHUkxkXJB5iUgn
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1617444
expires
Mon, 26 Jul 1997 05:00:00 GMT
index.html
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		100 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
598c18381d12cdfcf3a8fabc5c2962ecb93f3ceb764541b84ba7f1b07e26f91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
549745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21444
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 04:13:47 GMT
expires
Fri, 18 Oct 2024 04:13:47 GMT
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1149 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNm9S5BpoKqlPsNA_v1a7Cy1Gh0CZCQ8IzGOMvJEWs1CcsoEhz6chW79DLdxEusrYMpCLWCUpYQRRMnC6DujDxQIS9JQuBGvgQPw1w3JRiJOBmEM5E2M9XxVxHgWFsyBVX1kTN8MgU5H8xiaj17q27tyDuvcX4p0kbKTH6OYf7-W6Zjz_pSCPKG4FeDOP5OVrGb1Fps7aTn2JxUZuVd9l81zyuJ2Jqia5kOTvtts810t4l0K2a2c7kWjWnc6nbRjSLwoR4_Gdl2N9d5qXL3WaJN5blrxRqaL4luh0_p6dwJr9oIqcHjVlMZb5EvLz5uqY0gg_q5qEPDDEtmZwt2g5AFtu60zhJBmVlIEgVxb0S6xecB49ulW-ihYkzzi5H9lM7_44SsAlfVMpBdbX5hyD2c0K3CiWiUVNiGCv7IaKZOr8FcYT2E1kaSH1z6LWNK7zmpt3d6MbgAL3z4eKZ8s49lvJgl-jCdSnnJzoVln_yvSw5BGqBcFjiwwzCgP6i2Em855u75FbP9oasPGvCtBB9KWp8eFsV0c2xytZKq2Za6TMO8fgsfw34zlIqYTeiTu1A1Xft_9LS_-8uUkMwKRi3BXSo_5vbECDnW_dHPJRo8y2sKUmz2HGLQE7iK416IyGHKEhdyAW0TZbAoJ-V4TUT_57xMhsuxv4LKBEcWzOlA8bt-d0EkxMRHUX9ZTQISI5Fd_DAvRE_QUtZ14Qk14Gp_bouQZ17rNXzKrc6aALvFHzVNXPMtpF2VFU-Vt1IvyLPgr-D8tQB1JuxutwT4V4iLjHDl7g5EKr3C5dNTRwWejM9KlT1LBCtxNdOhbKRh2nDHdJXfBlATS1MDhmIOJJ_rPzUn3kKJ1ckTcSyHuV4UDWVTkGhLEiCU4U8xxyuzHlRWK0TFOzFKRXy-LvQH1mBzee11qlnuTvY-DHF55PJn-NHjurGt3rtKjV-r_DDpqkaq5CWXGseYvjRtVnXrt30CHywW1sKmI7RxbthVLsu2xEF3FIhQf_0Fi3PbnlmryqrSzXYbGFiXvN3pbgW05cjRw1R-fH7kBabBYO4LrlhDhKBWc03OjCto1xa5_GZ60FQWaN6k1lYcuqlMu55CM_lGv80X27_c00rGA6G6zS77hZxUDwkrQ_thOY5IGo4f7JHQkLzuRDy_7bAV3pSAI91ZNbdjm0iPfG1jAvrej6flgTinqr27mlsktdFLMoZaEs7qbpfd8eYINxckdFrVJM_7FPJCZZC8HoWGHqB-fWFlwktcUZkU8QYyFutrD3w9LCL0EgN4lGxhtARVxK0OYxXpt9CpfvKfTh_fvdsE9JebxdP9Epog5s_hxoVjKd4m6Vzz_xJKX8XFVYWYBjpcdqS8vB-BOdn2IUxxzvxgcuuItYZBuvZJ-92a8YtySAp3usInhgH_8Ef_NgBDPx6-SpIMA9U1b16z297xVUgcMVBqsehwhXsnDKNjpxEo0tDOEkjL706Ej1MWIPOjaZP51PW5AP476g2P7z6dZ4dpN2p&sai=AMfl-YSvIKqVB7icMC58zQ1sM7Xq3C5ZpSYkDu5BzoUcgKF4on6nR8iZAuaBKo5RSDWmoEUSO-Rz_gsCXCtZfwfiy8FF-6rYeYQzqNznYlkkKUfxUgYAqIZ9zpuqvy4LR0ojMX9U2acy7Cbdi9V3Z5TvH8MF_cFFqZVKs79I0RnKqVBb2Xuiz02osYtes7s4Dkju6nFwarqmvtxImnRp3wjiSa5-SZSqYSUZNstwCk4xCc5xbIm7ErrgDmEmsPQ12KQ5buWan8KHdqJTuqfHdt02lJx7Z7tdG_vKrP2f5LaRf2APUZxpDnn62x3wvNK1ZC41bpThpEpJKKYXWQissMCBbTq6jYAdMxYSlOy-m9GXFG8dEvrfaIdejxscAE5q_-Kx02AUGct_zMy212GLvZDuR76CI7fEp3LFZ8pucJ9paKaT-0jLx5_zvA&sig=Cg0ArKJSzIsNW9oKEnXWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=954&cbvp=1&cstd=949&cisv=r20231023.76984&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 12:56:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 38A5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1&google_push=AXcoOmSXKfJnffLxSdcvgLjexsyQlfpyjfYRDTApC7QfZmc_Ul9U34epIjawdkf_8aYAQYx3uxNAjVP8M34umlIYg6AOLba37cuL
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE0ODc3MjQ5MDQzNzE1NzE2Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 38A5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDct32Lf2kz_vXL7aLG-sW4&google_cver=1&google_push=AXcoOmTXwNd_-yu0mjBoWLYQ6L9amWF7oym2_s0-eyo1Ed5iuUQQQaXzEK-tqH07goGAakHQlXZwmzePLCwoJjo9KgCsP_u08MPA
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:21::1720 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 38A5
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEFL4zcU3ZjMTlx5y5_EEnno&google_cver=1&google_push=AXcoOmSyCbWanUrSA15vE5QxwbUiiKisf54gSOEX0q_bouL3k6jJMAMs0KQnxzBFqnJROYj8hu2SadTiF5j0fX6kscW8XOB-8qnT
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmSyCbWanUrSA15vE5QxwbUiiKisf54gSOEX0q_bouL3k6jJMAMs0KQnxzBFqnJROYj8hu2SadTiF5j0fX6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmSyCbWanUrSA15vE5QxwbUiiKisf54gSOEX0q_bouL3k6jJMAMs0KQnxzBFqnJROYj8hu2SadTiF5j0fX6kscW8XOB-8qnT
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=724E311D0B2F44A883B9EEE9F49D75CE&google_push=AXcoOmSyCbWanUrSA15vE5QxwbUiiKisf54gSOEX0q_bouL3k6jJMAMs0KQnxzBFqnJROYj8hu2SadTiF5j0fX6kscW8XOB-8qnT
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 24 Oct 2023 12:56:12 GMT
pixel
cm.g.doubleclick.net/ Frame 38A5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFKn_GBgr6uDXcq_afg1ZXg&google_cver=1&google_push=AXcoOmQdOVJKhaUk8KVYEFS6j4x8qkdbuXPA8S5X-w-BO_uIFPnUSpzXTso1AOBjGnZppwyqjuUOs1hHg1TtpcyUsx7vbH1...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdOVJKhaUk8KVYEFS6j4x8qkdbuXPA8S5X-w-BO_uIFPnUSpzXTso1AOBjGnZppwyqjuUOs1hHg1TtpcyUsx7vbH11-QR4&google_hm=eS1QZm8zRXdCRTJwR1hsWV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdOVJKhaUk8KVYEFS6j4x8qkdbuXPA8S5X-w-BO_uIFPnUSpzXTso1AOBjGnZppwyqjuUOs1hHg1TtpcyUsx7vbH11-QR4&google_hm=eS1QZm8zRXdCRTJwR1hsWVZ2YmNZY2xpZDJTZ19BSzIzS35B
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQdOVJKhaUk8KVYEFS6j4x8qkdbuXPA8S5X-w-BO_uIFPnUSpzXTso1AOBjGnZppwyqjuUOs1hHg1TtpcyUsx7vbH11-QR4&google_hm=eS1QZm8zRXdCRTJwR1hsWVZ2YmNZY2xpZDJTZ19BSzIzS35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 38A5
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJyHdcH4kz8sZ7E8lg58WIA&google_cver=1&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH9j...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEJyHdcH4kz8sZ7E8lg58WIA&google_cver=1&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH9joX5CS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH9joX5CS
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRLIfjatY3NyWoqTmx9ckAk_6YnDCLkBPODFdvB8Ke7iCfOLDKONbuUwwFgyLNNSCj15qniNLtqy9oRLUAYYvXiH9joX5CS
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 38A5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL18Cl463jKpGtRzVqXw0-A&google_cver=1&google_push=AXcoOmS7fTTdczjRKpEfx1scD6H_IJD71Sji_2rGkAWMfOkAEEiWnULii5yChUtqWvQpSnhChA4...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmS7fTTdczjRKpEfx1scD6H_IJD71Sji_2rGkAWMfOkAEEiWnULii5yChUtqWvQpSnhChA4_x_LsiUkqe5GdOGqK0Pg5Ra0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmS7fTTdczjRKpEfx1scD6H_IJD71Sji_2rGkAWMfOkAEEiWnULii5yChUtqWvQpSnhChA4_x_LsiUkqe5GdOGqK0Pg5Ra0
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmS7fTTdczjRKpEfx1scD6H_IJD71Sji_2rGkAWMfOkAEEiWnULii5yChUtqWvQpSnhChA4_x_LsiUkqe5GdOGqK0Pg5Ra0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame 38A5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmQx0AefQ8lzo-iD3ekaS...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE&google_hm=A31t7CBrZ00DoofpuxMSmo8
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE&google_hm=A31t7CBrZ00DoofpuxMSmo8
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmQx0AefQ8lzo-iD3ekaSAeNdctORhYxeA_p-yrap4XjjlUimRxt0iyzYtpPH6ISlYDZe6_yOix6lQ951GaxPkjxWbYl2VE&google_hm=A31t7CBrZ00DoofpuxMSmo8
date
Wed, 25 Oct 2023 12:56:12 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7d6dec206b674d03a287e9bb13129a8f003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 38A5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IbFOM-27tjvsLDU0ZS4bqrCCsPckIjPxvwbyW0Jwrjny_vmnLXeJg234SHs-QTZg-MaiDY
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6FC0 		133 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:12 GMT
expires
Thu, 24 Oct 2024 12:56:12 GMT
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DBF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3Tw9CW5VFDPAN8OIBER6N-uzwbL9mTcdSGn2JdHfqVYk7BS_saBgsDvKoBB30KIguymnmo8e9_njqdHx9W5BqSQX8Ak9vRVRzJq4DZgZl-gmDr_Q1NV8h_mbfZZm6l836PmcSLJHI2BHb-AeZVetyIXE4JvmWi22xV78rEoY89DLZFeUuUmP7cVmfE65qI_M49VWRa2zxnC0RFEZjyO-3MfbSAtOz7tjPTxrJekvL1OwtBCsVzTQwKRWSULpOTjftT1etK94ZtML16zgmE1pa6mHEaAD7kLXWKmfk8XEqT4jQ-iuBR0j7ZfQRRsLmnXM7vUtQaJmpdHoXTp2zSQJ271N7wUeLx_F_iSS9DOXcJn9SwsKjwa_h8-Nye4_l1NiVtNwUVOadFlEu6oupj9F2fXmUa8molSp343w8cZf5DDv3FdzbfhJaXvn4dKzKNMoIRHfKyzgbrN10iGoM4QEDDtVlsp0L_i8qnGIrNQI0YSwhIEiOSo03MjJ3p69nfG5LGk9JWvGC9sIzuXsGexsocoe8ctYrsFS7u8ig5eTOG3-e4j2K2OfRDUhdzv_ratBFJv7qptd2L0ZF5KjCidWuAhmHpWthPDlqwGqI1CBEaDHFMJ254SXWt5xcZJ_Q_PXujVc1l9QB509UsO6c7no2q4F6FuGDVngt029kcEoWpOTiZ0lqFAg1OUW4L4pySOmJEG51qugyiylnwvcNDM_B8Ixa0qxGB22hUMHixC4v0KPnhMY8anKZNKK79-Dqn2M7G9uRxxYf_XYmoZ3CHXmo7U_IHZThbs8sXJOS5XDJZK55-Dvy_bvAVA94UkoXMzO4q7J0hS1k1npu9rjG_BoTEhG2RUyJ-fVJ6iwe4j0E7MIGF9A0H4ALuUJdWo7pm_jdFQO5e8Q2XPhGk_9FhcF4nwVDmDjdIV_5mx71tj8xXxaVsX-GII2Aw3Z7E01y_pWNfZ7dWiviAS8IWF4Kbe2G-hmzjU9EJaiov7xxUKfrLJKsw_D0B-KzKFzKjccsvuXm2jcRYkflV-0LSLBYvrvALJ_eFMzmQkTxCzsmNaGgPBZy_jrd6CW8h1Rpx61IADFvyplXWS3pOQ7AgTKQsxnKjRqdTqYFZZUKiU86w_hpuUdhNJcIg4ro5VC0oWiZvuXUE4xJxSZSfSt5MJh_Q05h9qSnW3zzmue5PtZEose5lx5DnqF6GXk9SKb1MoX5prw2g0TixHkIpHE-bLkYi-Bhmd90jNehw83Uci4DfjC-ROcmX0aiaPhkwM4b2asctp8MjQiIGGS2C_7lgbIGJEi0banGn9kb7Z366IDNDlUhyu7qocEi4LvVWflkwo88e-kZFYN5l3kt-vH4m-8Za3pBLV5tuDuoPHd2Rid4XhOZC6HNfzZeUJvPH3gHnxi_PYdXovLxrzxybRnUZGBvrH2duEQ&sai=AMfl-YTv0Em2--DGczeAw1iLV94srIF_C0yWi5NYVjSA5uFqdwSVXdtGcJTKxgbU_IkMErAT_I5bA92RUKDSFMOvgey3bIEs9hiYePzT2FQi0Q19WDuOwrGZCyqZ1G3PGsB1rFeNVK0S_5kFlY6fW_KY5fh-NEdVphPN9FNxjdzv17MGFKQbM3QwU0jfNjlRtUZ4gHJoUDkkYuzOuPjSE_m99UslZuJ66GbFEU-9rH7LXJ3yoAdo8ZXxdrZCpfKfZdvam904u-d6mjgWYxoxpvnNyqkQhrmffdNIy6soq5oPw6_r9EleB13poo4J0RdwmRYMH2w76rDQZH88rSErMHW7Dwk4hvN9lSMksb_GhwHI7Ha63CqjTOv36VWqenEZdA3hxz5aDZLAWo5eDPEwOPTZlxQ2kEg1&sig=Cg0ArKJSzARv1OK_bwJCEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1059&cbvp=1&cstd=1046&cisv=r20231023.56915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 12:56:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
fiamp.js
ecdn.firstimpression.io/static/js/ Frame C7D2 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/fiamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
7d94107f619b79439af7ca7fde45f97ba80e6ab755ac912d17910d9aa62649a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:09:41 GMT
Content-Encoding
gzip
Via
1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
2792
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
36470
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"1ba31-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
M8ODPzlySAkorFcb1NqBAJM3uI6JDMpp33chzN4Sna0O5VPZ4RIyuA==
index.html
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B84E 		134 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28d76b4a4ec9614dc564bef56c3ec33515fa57b82066b06b9a06bd248a9ddb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:12 GMT
expires
Thu, 24 Oct 2024 12:56:12 GMT
last-modified
Tue, 07 Feb 2023 13:03:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FF4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstl_mis696Wtf7Pbo_ENZjWiCV9o9_sXI1RRKFpdMUHW5BxHFwDQkiJLaPPfixfjR1ah73jallvNT8GLUtWeuWHSZjA3OmVMBO857eXbXeVke27q4KMKiNfiz7nYjXyGDOHVm3EsHTYev6lXQMYxb7Q0C9eiAWj64bR2IhFOIO97FK-W4arIOyPm3JcR_rsY4tKsJwh6gWsiZt74JbAVZJucQDzxoTw3WkOhT81waS9klixjz5Yem5ryMYHmd7Y4dOkdWdheU5dP8-VcOCo-yYiHly_b2C-uqvA--WrJg1iUIw23Y_5ODR4t0mu6d2WQ-Fp0tqwGctkaaeIiSfqcl21ROy8zXeclT3c_0SPtIKkHFGmer5jq3pLfXdbdaYuQxaOZL8Cmoz_CtQ0-G7kOEqGYl6jtG8vQZnfBoZjNS9GUgoAezKVzfbebhaqFaT2-iSU-7tk2hZF_VZePI9r-vi3toIZ7aCdqblgzVq_Blmy8qLWy3RM_YCXKPRezEWwa0M2RC_SvMAPtIf0FAZ8KdvhfR30oZj1Ox5TKywJBBrmJdCLCRFD96piFYSzITRR_T5SorbuDh7GXdiEhReutH7k6SssWwHcRk-DuFSZ5L18pKKYfD4Zud4w0H8a6-ComTvtfMf_leb_D6O0NMRoQc6lV3I71IXuk1pQ7oH1ylkgGW4MiZvVN3KsLnABtX4t1IsywWJXTsC034-cdArg-Vx0Clyd-XSUiuNqWoWcBZXCRQCkS66shB_GE60jJxDkZz2rnLWNelPv3f1H99N9WrQW3WfUkgxfPmH0UaTDZtIM0N9oh4vNFm7_FXiHXyUFNFmEnmVPp5XP8tsPpufWO7R6DZj8fJY1YE69ZSxU9khf1y49nrydSJNOTZ9vDvyDKj0V49gaouzENd0w25xjkFeJwRmp4CHiUtlW-rgWpNJsp1gJCTrVUgKZqqhHs7z5r_5Gt6HIo8Lk46V9fInhJoEcs4pH7XNWZvC6RMMxvsy_nCYL-F6TkJ7DV2eDeSZDMWm8xV4f2EkGOrLZt7KTqsD_4d7M5AZuEEO6Im9ICc3-R-YQ-VBiw41uRMOj8sZDoTyuAREJ1euki3nvAfmT7U2GS6BI5FG5ZgxTYMw9KrPwBq_kioNp92x5yhNePSXKTyeS9pfFv4LOL4PwsJdAPYRE9BAOnLRdB47i0bWSvEK2DPWpYQzWI-TNxtT5dCZ3e36yHehAvqI8P0eSnn8VSyxahhLNG6d2HXNlOafy1TbzakIm7v8RMKkdHcvxyloYAWTMIRFmO9XTI0tEHiO1vUGZv7piueOOcfTCWg2hyuckOyozi-JdOOiR8Fmnsj240HUN6yMSlNNpFHNB28P05p40NuVt5ZNA-yzUqEldjlBWO4hrTZkDF-F8s11I_UkjDARemLa3pzU99LxUbRjWXrDP_pP1WfaRUxDf&sai=AMfl-YRuIpIZh1rNqskjZDo5ngGJ1N2R7IF2en0Im-OOKeaz37xVG2UDJ6mDVqC_0ORDmLFw3CpSIp9p9zPc92rR07Q-UPqfvFTetmUgfHLFuAnRIcKaR1v1gUd1GOVGTqHiOPEteeN9GNzV-uk_goRhsSAJHcz2OowYKwIXcB1kcLIGltW3jO_1426iQxcDbhO78wzKj_7rnUGqsFR0f--TK6DH1YQoNEbF1LNRrsmm2oImHE9lRCnei2PGOfrzxgVKy16BchXvgI2Av-4M9-82h5zWbgRDduiQDi2WFyehQHF1XtqKUL4jKILLkZhkjaSqj6vWyjmQfH54cKaM_rF_KJxv1KxwX04ZzQ5LcxFq_mCbtQd1815tlz8mm4xfhEXhYiQvSJkqF3YpwSfMwV2yj-9Gg0O8&sig=Cg0ArKJSzLEfjPnn4iYWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=983&cbvp=1&cstd=973&cisv=r20231023.34983&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 12:56:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF49 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:28:37 GMT
expires
Thu, 24 Oct 2024 12:28:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 28A6 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ddba1e155e8c600a48ef22cb8ca49dd31b33239b325cbf56cd99fe91452cf899
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3d51h7kYnn31B4xx1DO2tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-3d51h7kYnn31B4xx1DO2tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:12 GMT
expires
Wed, 25 Oct 2023 12:56:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Oct 2023 12:56:12 GMT
animejs.js
static.criteo.net/animejs/ Frame 54AD 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:12 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1350098/69352126/ Frame 1A78 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hfnX9HmPmCvl-EumyLTFUU
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.10.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-10-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
014e6fd312f2c7489ba9e34521a75e11becf6773dc5b84062a0fe873f48f3666

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1A78 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Origin
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 16:21:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 1A78 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTt4PfCMEnWbJZWLi3PU1npzgBGRBCMU7kqRUtu1BYmoTRTrvPz47V_oXUjdUgjHzt7LlfCbI64-RtXpyl_vsp28hRn8DOhXjcV_nWv0v5BmFvLQJX7H2q2wJNTUKtQtAW63RsdA-fgrFWNK_kpnFaOgk262gXAgAOZ_Aingr8gAhW1aM&dbm_d=AKAmf-D4g86WKstWWQMZeuJzE3fqYz04ErdbSCAeUqFt2bh96veGzD4UXySyfYGsPFJ2YlzY5S0RPGV38KB6hKb9teY2g2_34Yp2SNsNpM7jtzIecogSUlwTAi6zXoyEV7WzECC2zx-A5Cq92g4-YokPR-UdFXr2G0WM4Q4eRbx1B3NN8VJjA1xFB6BrMs-YPYNkh_4j1Y_i5eLVgzpuz5xxyV2pn9_VFgdxMPOzN46_2bcrvNhpIvEpKoTwsyLz0s7pAjmSlYvFqeRqlAMcLiS_zTr5kcszOuBtzjDLbLxVKRPGjAA1_1ViX96zL3fvWNnetL1uq99VkY7C_eMk3HgDue8pKdZ1ZYS5cKmRZK3GvbeZTei2Dd3myKY3FERRYzTqmER4hH2W0qGFk3oCRvXrF-YmF6LGsy2AXHdQNhw_TjWxrv9h3c6mE2AAIVWhSAg-JTNgOzbjoCpqbdWVkHej_1HNIrHhXZKM4pQRdh30LukwWAfhtISx-iuT6JqMi0i89zkvl7vO76prOhml_S6eGphZciNcezRRl-D7nfnTGIhe1Si__uVVCOkt_gsbkSO9RgGmnhoKRU4dGyRV93V1jrgZt4XJWxtDt_ya81cGC5-uwqvw9nMaCg_IL1kRJ5-V561PFPApgCaXpw3Ppp1n24sItTiDu8pPNN_HEa6K9TTWZzcKCSz_Nm0FXA3tnSAFrrMYT4PxUSM5wrlzZFDrV-NT0sLNzjyDq0mI-J9fxuSjx07h6HT190F7F_D5-WIv__F0BKQWRdki63MFXx83qTrWyZfdU9Pe4vBNbQA3874JQotpatCDnrZyatSTILMphhpMMnSiADVhEzlhLGWY4Ai62yXyNcn0FvqPu5G28TnPM9Rx1FKMzlw4uQcky9EzA7Q-RzncBXYykRH7krpsjBgcJ0lVoKdW7F553EH4jtPkWoM4dYN5_kguspke1PnJmMwRRwHC_TEgP50JKoSfr3erP7SaCrWpDJfCv-LH_xuvDyhmAc79XcPBHC-koiU9uVy_VTEX-LBn1V-wEudrFgYoPpEcJT_zPpa8wY7yMaYd43I9uY-GVXteJ3ztbuhWYKxJlOqnhMICEgTyL99Musv828VC_pdAGlKHSugVQ1vearpqEYKlxhn_JUUvzxNrMffa8XwkP19RKHw3UZIUfP5fW_YZ3kIGxTTWUoQIaFgV_WC19lTKsBSDY6MtOyhFl7Vcb7hba0VrIdftUyrPoHMrYMTvsW_NQz5eqNrma-1uHKeP-k58Ua5PxlCcdzgpYovMgouYsiJWqoUw0KRnRP_qCrsVKHcJb0aT0ymQhzogzD1adSQngqqOok8VqaeIHTQLlSsEDr7su-hfcdgwM1v-Vm-E5ER6MLYAbr0ObivcjmN7inBXWhsjVSW6Mn-zpKqtqq0df-90WxmC79y3iWHEUofqXvc3etrJgQ_9piEq0F6Onlx8fmqRfaXw9A5xrL11Y-IeSY2JORxdPGoZA_25hdahq_VBofwbJUvNXKsemVMDOGCqiEvMgBXK-YgE3F1wvdcAttA02WUyf7Hkm1vOS_wmIQxEjGBCCwjqWZq8I4sER9fcM5ThdR1gmMNv5EsdcAOVKqOX-0hTNRwpdXHeR3EX_R3ziEGRF2Mbj2X94p8CQ0JD19z4a6HbIf5n2b6RSbYJcUCln69Ev-50WOL52MFPONYv_LKYAw491xI5Ao_NQcfY0B5n9dX5YgLQcoZ9_8OxevP7cNsOTXHwzRbyyaEhjtZFmMmzE5YYpkLJ0Iz9wATWOGvZynu7ZDsRel0PHIbthwUohQBNKl95O0eB7B0JOsjTVlkFXt-mfsT6_-1lnAzxdqqdB6ZjoDCFtv6iVn6qpGHHl1D6jAUR37fbewNXXvAKkV1nPqHWIYnk7hpk1mFOovWWYFozM8cLHexiQBhci42H3RygMut7YGSdODwqXfyikDBbQjKlP7qAQfLCW-WcrCZtKsC0wiRigOjl1H5Pgp3a5DAGGzsjBunsyceSQUb4bkq9ewo5As1-MPHwekhl6bt4lzljLIytqG_zqqKg6XgenXxi7SetcYsabY4Qz9utNaxVcJpfD3Dct5Sn7y-HoPYfT6rvZ14Sm06H6zlDjZB1H01fZfUevacoBRxzQuiT1zWZrB6vDJpAhcaESoScEjAL3bc8BfTtFQgFLHRDxEw47rtFyNumgbYA4dnNpeZS35PhvaEU4hbUazSLdiOyW-qs9SZB6-l493ojVWXenNjZHJx-QE7obVhjMQ9mYC4JvAoOAZDW8hbYxJBS7Jh9CgWqvHXqqdeyhglzDT3oKtUHRVeL5aXs59-u2vI48dDzWEaEhx-VfX4eaj0hLjYtrl1VqV-iT8Yfk-wFhe3ZdGMqZk5k5Hcqd88mzBL4prqn88jz18mfawpvDfk30THXDRGmNZcxrKuY-U_ZYV-8a1YgSrFq8iX0Q9_yDsYZVZVfTL9RzgkeRuTsHaJlWM8wsCDk4gaXBMlx5ZTdjMEwH14zrrMkNch1AddG5a0vHtKy9Uwsz8OTvk1-tNEFu6liWFNof6MsE8LNfpqm-W5vbpJe7P1lczusM1aiQfW_WWf5SIWQx0K9BtC2oHzKj6GSSxvcEd905gYNVrRWzl_72uqKSbnt9dd6IUN8wefBPDgfwOLKkNtlSEr3B6WnvCX_VlDWOHthyLhKsPtyuhutLK17SvMmVjNUMCJ7rXkr2r_cd6dft2xYCA8kMNFByl6Y3XbmZWLws9HTiTbv2J7N7qZrEkaN1YGHj57Vg88_73hqWEn3R42OrmmZnhzyOCu_m_oLoGKVDoBuMLWQWG00SZkAj7byZ0k9UtMIhR4KSb5Hu860AzK9IOp1JIlc_uyTQC7a-MpbGVCAd8tyaC-JRvIBtTSGp48P-IolftjiEOOk7bE1wjoWKIdriKLx9ow-CWRBOG0Y1QOhdr3M-KUcJRvhTQ_y_uSW8ga5VvezX-zuNdxjbmMb25-vSaNxvuOHphGNpY7e0HOeIRynHBX8WrOpp8FlIikb6luexhBszWu0H-l42BfixNROb-QDCXEYVfUDadNSTPfFuoaYoEfG4luB2kbTO_Uj-cihxWZRgtw-II8CCSvo9xqemCLDzg8zDOl7B-o4NMdvXF_KWYJl1cYZLpkIe19xjBxxFrDIoqYwu4soKvRgFIK3t1B8M86NGAKdFyEj9K0zRdLBA_ryuzWf0f-c4KVsiHre7qfzl5kcE4qnVG0ZkKX1WXNmc2_KiMiQgP3_pS_dZSp5X8xrMR2xU-Pyr57r_4E2g8yHwJ8YWMw3huLYvcxbEm-2jsMg9aQ6fWAOXyN3pDqYnGM8Kza-XakfBWkmwgX7S-YpXL90PBA0wD6aBglnGqlcPKk23Oe48Z_Pep6af-GRgtQqUHSFWWskJdX-QiSX_7IGPwFFyOMxitY0D4diHVaKG9hSbxGqjY2i8KtTjzKjKbQYr58HmwDp21PUNPYl6bYmh6DU9mZDewgZHfs3hqR9o_f2SCPT5pmPziBsrb5_FpoN8FPb2K1HKnU4BqLb7w3wrs6WfUR9TyJU2N7St9x_Hni8k6YJi2jJxuKurmnR6SFTQ3L7CpdSr2aGTJiiEVa_GpSOsdUAg37r2p_HdIMJNg9s8ZeeClTE9E94hGo-CuIqeaWYTB18_MV6jJLDHA7oM_gQOtHB-aBR0pujr_5yNjylveiQ_um0JYma6mjrpUHmrj7X2RrRvx78s6Nuu9oK7qA1jFwnAvgamf38MkrLhaSCUW65q_CHxzRzsj2ep39CwQsknfle8muq5PTG8DyyWPve9vbYh2pd-ZcD_Ro1375qCIn-uJFbfna49FBBNKvHaEAb05PxxFWKUHEDMxtSwgYKNB3zK1EXUhBgee7DBeYz32oY1k5Oosb1V9JpDF5g1bdzbVAuYZMSJsh3lWSMOHOruJNFbjdfLlMw7q3fF_S2iQyLV9s8nMBZmukoRR9u7DVoYg2xKHOdN3OVy_ZU1WRDbapXPxx2zPNk8pfuUGPhyZYHv_U465dHkVpEUiaMltE7lXR9wp4QICAaijvk8W2q4eRzEGFwEPPmq65kppCBhLMwUxz_aZcKteSytXzmubI5cycPSgP8F4oWFpvAcOWpHOqKFUhUhfZ5C-FW9f9XOs71vKN36MgO9WJbvp0VHGqja7go6ABEdkygnhGr-nHvv7YhQnCwRNpv88VtiF108RBDc32qmZIZjUmpulsNDH62lKv19afgVnE5lNF9NbYB9NHrRC_Mgrpss666AT8&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=12541189012254687000&adk=1033480531&idt=116&cac=0&dtd=91
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
47672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:41:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 1A78 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CTt4PfCMEnWbJZWLi3PU1npzgBGRBCMU7kqRUtu1BYmoTRTrvPz47V_oXUjdUgjHzt7LlfCbI64-RtXpyl_vsp28hRn8DOhXjcV_nWv0v5BmFvLQJX7H2q2wJNTUKtQtAW63RsdA-fgrFWNK_kpnFaOgk262gXAgAOZ_Aingr8gAhW1aM&dbm_d=AKAmf-D4g86WKstWWQMZeuJzE3fqYz04ErdbSCAeUqFt2bh96veGzD4UXySyfYGsPFJ2YlzY5S0RPGV38KB6hKb9teY2g2_34Yp2SNsNpM7jtzIecogSUlwTAi6zXoyEV7WzECC2zx-A5Cq92g4-YokPR-UdFXr2G0WM4Q4eRbx1B3NN8VJjA1xFB6BrMs-YPYNkh_4j1Y_i5eLVgzpuz5xxyV2pn9_VFgdxMPOzN46_2bcrvNhpIvEpKoTwsyLz0s7pAjmSlYvFqeRqlAMcLiS_zTr5kcszOuBtzjDLbLxVKRPGjAA1_1ViX96zL3fvWNnetL1uq99VkY7C_eMk3HgDue8pKdZ1ZYS5cKmRZK3GvbeZTei2Dd3myKY3FERRYzTqmER4hH2W0qGFk3oCRvXrF-YmF6LGsy2AXHdQNhw_TjWxrv9h3c6mE2AAIVWhSAg-JTNgOzbjoCpqbdWVkHej_1HNIrHhXZKM4pQRdh30LukwWAfhtISx-iuT6JqMi0i89zkvl7vO76prOhml_S6eGphZciNcezRRl-D7nfnTGIhe1Si__uVVCOkt_gsbkSO9RgGmnhoKRU4dGyRV93V1jrgZt4XJWxtDt_ya81cGC5-uwqvw9nMaCg_IL1kRJ5-V561PFPApgCaXpw3Ppp1n24sItTiDu8pPNN_HEa6K9TTWZzcKCSz_Nm0FXA3tnSAFrrMYT4PxUSM5wrlzZFDrV-NT0sLNzjyDq0mI-J9fxuSjx07h6HT190F7F_D5-WIv__F0BKQWRdki63MFXx83qTrWyZfdU9Pe4vBNbQA3874JQotpatCDnrZyatSTILMphhpMMnSiADVhEzlhLGWY4Ai62yXyNcn0FvqPu5G28TnPM9Rx1FKMzlw4uQcky9EzA7Q-RzncBXYykRH7krpsjBgcJ0lVoKdW7F553EH4jtPkWoM4dYN5_kguspke1PnJmMwRRwHC_TEgP50JKoSfr3erP7SaCrWpDJfCv-LH_xuvDyhmAc79XcPBHC-koiU9uVy_VTEX-LBn1V-wEudrFgYoPpEcJT_zPpa8wY7yMaYd43I9uY-GVXteJ3ztbuhWYKxJlOqnhMICEgTyL99Musv828VC_pdAGlKHSugVQ1vearpqEYKlxhn_JUUvzxNrMffa8XwkP19RKHw3UZIUfP5fW_YZ3kIGxTTWUoQIaFgV_WC19lTKsBSDY6MtOyhFl7Vcb7hba0VrIdftUyrPoHMrYMTvsW_NQz5eqNrma-1uHKeP-k58Ua5PxlCcdzgpYovMgouYsiJWqoUw0KRnRP_qCrsVKHcJb0aT0ymQhzogzD1adSQngqqOok8VqaeIHTQLlSsEDr7su-hfcdgwM1v-Vm-E5ER6MLYAbr0ObivcjmN7inBXWhsjVSW6Mn-zpKqtqq0df-90WxmC79y3iWHEUofqXvc3etrJgQ_9piEq0F6Onlx8fmqRfaXw9A5xrL11Y-IeSY2JORxdPGoZA_25hdahq_VBofwbJUvNXKsemVMDOGCqiEvMgBXK-YgE3F1wvdcAttA02WUyf7Hkm1vOS_wmIQxEjGBCCwjqWZq8I4sER9fcM5ThdR1gmMNv5EsdcAOVKqOX-0hTNRwpdXHeR3EX_R3ziEGRF2Mbj2X94p8CQ0JD19z4a6HbIf5n2b6RSbYJcUCln69Ev-50WOL52MFPONYv_LKYAw491xI5Ao_NQcfY0B5n9dX5YgLQcoZ9_8OxevP7cNsOTXHwzRbyyaEhjtZFmMmzE5YYpkLJ0Iz9wATWOGvZynu7ZDsRel0PHIbthwUohQBNKl95O0eB7B0JOsjTVlkFXt-mfsT6_-1lnAzxdqqdB6ZjoDCFtv6iVn6qpGHHl1D6jAUR37fbewNXXvAKkV1nPqHWIYnk7hpk1mFOovWWYFozM8cLHexiQBhci42H3RygMut7YGSdODwqXfyikDBbQjKlP7qAQfLCW-WcrCZtKsC0wiRigOjl1H5Pgp3a5DAGGzsjBunsyceSQUb4bkq9ewo5As1-MPHwekhl6bt4lzljLIytqG_zqqKg6XgenXxi7SetcYsabY4Qz9utNaxVcJpfD3Dct5Sn7y-HoPYfT6rvZ14Sm06H6zlDjZB1H01fZfUevacoBRxzQuiT1zWZrB6vDJpAhcaESoScEjAL3bc8BfTtFQgFLHRDxEw47rtFyNumgbYA4dnNpeZS35PhvaEU4hbUazSLdiOyW-qs9SZB6-l493ojVWXenNjZHJx-QE7obVhjMQ9mYC4JvAoOAZDW8hbYxJBS7Jh9CgWqvHXqqdeyhglzDT3oKtUHRVeL5aXs59-u2vI48dDzWEaEhx-VfX4eaj0hLjYtrl1VqV-iT8Yfk-wFhe3ZdGMqZk5k5Hcqd88mzBL4prqn88jz18mfawpvDfk30THXDRGmNZcxrKuY-U_ZYV-8a1YgSrFq8iX0Q9_yDsYZVZVfTL9RzgkeRuTsHaJlWM8wsCDk4gaXBMlx5ZTdjMEwH14zrrMkNch1AddG5a0vHtKy9Uwsz8OTvk1-tNEFu6liWFNof6MsE8LNfpqm-W5vbpJe7P1lczusM1aiQfW_WWf5SIWQx0K9BtC2oHzKj6GSSxvcEd905gYNVrRWzl_72uqKSbnt9dd6IUN8wefBPDgfwOLKkNtlSEr3B6WnvCX_VlDWOHthyLhKsPtyuhutLK17SvMmVjNUMCJ7rXkr2r_cd6dft2xYCA8kMNFByl6Y3XbmZWLws9HTiTbv2J7N7qZrEkaN1YGHj57Vg88_73hqWEn3R42OrmmZnhzyOCu_m_oLoGKVDoBuMLWQWG00SZkAj7byZ0k9UtMIhR4KSb5Hu860AzK9IOp1JIlc_uyTQC7a-MpbGVCAd8tyaC-JRvIBtTSGp48P-IolftjiEOOk7bE1wjoWKIdriKLx9ow-CWRBOG0Y1QOhdr3M-KUcJRvhTQ_y_uSW8ga5VvezX-zuNdxjbmMb25-vSaNxvuOHphGNpY7e0HOeIRynHBX8WrOpp8FlIikb6luexhBszWu0H-l42BfixNROb-QDCXEYVfUDadNSTPfFuoaYoEfG4luB2kbTO_Uj-cihxWZRgtw-II8CCSvo9xqemCLDzg8zDOl7B-o4NMdvXF_KWYJl1cYZLpkIe19xjBxxFrDIoqYwu4soKvRgFIK3t1B8M86NGAKdFyEj9K0zRdLBA_ryuzWf0f-c4KVsiHre7qfzl5kcE4qnVG0ZkKX1WXNmc2_KiMiQgP3_pS_dZSp5X8xrMR2xU-Pyr57r_4E2g8yHwJ8YWMw3huLYvcxbEm-2jsMg9aQ6fWAOXyN3pDqYnGM8Kza-XakfBWkmwgX7S-YpXL90PBA0wD6aBglnGqlcPKk23Oe48Z_Pep6af-GRgtQqUHSFWWskJdX-QiSX_7IGPwFFyOMxitY0D4diHVaKG9hSbxGqjY2i8KtTjzKjKbQYr58HmwDp21PUNPYl6bYmh6DU9mZDewgZHfs3hqR9o_f2SCPT5pmPziBsrb5_FpoN8FPb2K1HKnU4BqLb7w3wrs6WfUR9TyJU2N7St9x_Hni8k6YJi2jJxuKurmnR6SFTQ3L7CpdSr2aGTJiiEVa_GpSOsdUAg37r2p_HdIMJNg9s8ZeeClTE9E94hGo-CuIqeaWYTB18_MV6jJLDHA7oM_gQOtHB-aBR0pujr_5yNjylveiQ_um0JYma6mjrpUHmrj7X2RrRvx78s6Nuu9oK7qA1jFwnAvgamf38MkrLhaSCUW65q_CHxzRzsj2ep39CwQsknfle8muq5PTG8DyyWPve9vbYh2pd-ZcD_Ro1375qCIn-uJFbfna49FBBNKvHaEAb05PxxFWKUHEDMxtSwgYKNB3zK1EXUhBgee7DBeYz32oY1k5Oosb1V9JpDF5g1bdzbVAuYZMSJsh3lWSMOHOruJNFbjdfLlMw7q3fF_S2iQyLV9s8nMBZmukoRR9u7DVoYg2xKHOdN3OVy_ZU1WRDbapXPxx2zPNk8pfuUGPhyZYHv_U465dHkVpEUiaMltE7lXR9wp4QICAaijvk8W2q4eRzEGFwEPPmq65kppCBhLMwUxz_aZcKteSytXzmubI5cycPSgP8F4oWFpvAcOWpHOqKFUhUhfZ5C-FW9f9XOs71vKN36MgO9WJbvp0VHGqja7go6ABEdkygnhGr-nHvv7YhQnCwRNpv88VtiF108RBDc32qmZIZjUmpulsNDH62lKv19afgVnE5lNF9NbYB9NHrRC_Mgrpss666AT8&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=12541189012254687000&adk=1033480531&idt=116&cac=0&dtd=91
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
47479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:44:53 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1A78 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame AB57 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 10:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 10:44:39 GMT
all
csm.eu.criteo.net/ Frame 991A 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=2QXS3czbF5zHnohXqMlUhECyPVzPFrHMAN3_s4CQoAwflIPNlNA95OULLjoMRc7Mdnf25k9zLNEa37MdnjVdREc_gw7VlpYqy7DI4WlmloCpVdhPojaRrmd2jLXhBbNajexHLCCIMzgH--1keebGfQQUTNhHDcSVJgx8VlqI3ZDf34MIvnoQGy-VKQKFfe-QNqrpQN_FD-CPyxfhN51XvJq6_31AX6i_ujLUjph4pTwUlZJH3Q4zWzRUrAck5iu6SZxgCg&sds=2&rev=89076&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 991A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 991A 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&u=%7CwA7xYuSwavfrhfChwmy1ul62cY47CDO8a7tASDF0qkk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj7FWbZQKLVaRVQ3zVmW-eTh0g9gZspEvk2D8nkar_NiMYWDw3KdICv4fe8AY0eqHytXvqOiyQRjkbwwh5ISh9BeBpeo2ICLrE8RAYmZnLkCG3xQ2lHw4x-OFjnll2-XFZBb6C0Yjsip682TWSSHk7PkO9WS7afpO3t81hzZEXq__bU0v-gl7WwkD5iAU5llqrmX-Oxc_PpL60iNVGwkzsENRLBu2E1i2_-ibSnj5Pbt9vNhDe_sxV6dQY88a4BQLXJH-HwdxLgYoyzYsz62YqmZRmDXvweYdDXfI0O6HZnT8qokIWSiGcjqk4xujb8yNRXOYpPU-JgTrCIsawA7I9Pkd9JQ__bgL15MWEVmjVJqY36Svqlf6zfh79wa1RMaYW1RLcoahurfgQ_y16J__G3m52cDuRu4_U-plprs0VDjUJdbdv2xqBETloZPEIN06F7Sm8yMqWAP-UPU-s7Fcvs3hSf0ohrecQbDfImLZsT1vx39arykOvV8U_ke-5voCvQZBdH9Q3aEXiskhMDmfKP7y29Ry7BZOG1-XwcoZ3Gdj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSK_eahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMcCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRqSxXVey3zCQYsRENDUxASlMABHjw-hBlKl-jtb54VHpLQ0Unrc04e2p4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzf6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2ZGN5crTjdF6aflt-VM9xqQicn9w%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:12 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 6FC0 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 04:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 04:40:24 GMT
ae062c328c01fa5b853497f7c3c711ab.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae062c328c01fa5b853497f7c3c711ab.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c10b833e48d8d5539007bea8c010670e39582aa80bb4c3d1de7174e809f7f9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Wed, 25 Oct 2023 12:56:12 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_112%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae062c328c01fa5b853497f7c3c711ab.jpeg
age
0
edge-cache-tag
510668585916823868737192866904582775522,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
cache-tag
510668585916823868737192866904582775522,462925964239015466501151793614809918113,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
573
req-referer
https://www.zahav.ru/
content-length
5752
x-request-id
39a0434509966b1dac54ba8943cb9574
x-backend-name
CH_nlb803
x-served-by
cache-iad-kcgs7200142-IAD, cache-iad-kjyo7100079-IAD, cache-lga21923-LGA, cache-iad-kcgs7200141-IAD, cache-fra-eddf8230021-FRA
last-modified
Wed, 18 Oct 2023 14:31:35 GMT
server
nginx
surrogate-reporting
width=200,height=112,bytes=10027,owidth=1000,oheight=667,obytes=633045
x-timer
S1698238572.314718,VS0,VE0
etag
"a14fccb8aa3c67c15fc3dcc145d4661c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
supply-feature
am-trc-events.taboola.com/wallail-zahavru/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/wallail-zahavru/log/3/supply-feature?route=AM:AM:V&tvi48=11593&tvi50=11820&lti=deflated&ri=c37c83420801ffaf41d2773b5ff91a1b&sd=v2_fa71077458fca15124314b69ef80f1c6_9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8_1698238568_1698238568_CIi3jgYQouFcGNayoLe2MSABKAEwODib4wlAhIoQSLCG2ANQ____________AVgAYABo6M-UzoD43eJUcAA&ui=9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8&pi=/&wi=-2142418538647094111&pt=home&vi=1698238568790&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22263.875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=14%3A56%3A12.329&id=196&llvl=2&cv=20231025-5-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
truncated
/ Frame DBF6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e64b003b98d7e4351548c7526e745806ebab5ab41dd02fe9df4bbe89b6b013e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 325E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1350098/69352126/ Frame DCB2 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2uK16C2JJ19d7CHaxxeX0
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.10.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-10-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4428cd3f170f314f726ed70536cc60b98abe948ecce424b06d4fbe5dd58b7845

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame DCB2 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Origin
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 16:21:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame DCB2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLbLWx9lMbXJ1TVO9vTYgdw9KNf_7R1wlEDq-RtqPbGdu_QhYmUBU7OWeAKC2U0Kwnnr3LUCytUAtdMpCdMZWo-UzPAeBw2bWW9vO4HAajlXGhDH8KKG_6XWh4QfozOXFHPJ8nP334-n4E5yU9dVqwkuENeEiYMqNdOdMwg35AerjZDDo&dbm_d=AKAmf-CiSP90L8UckESl33kThx-9G41IN6eOmFiDWw5sews3RWIWK-31zWiQZucOjQhy74UfGZotaK1BFBqfqF1tGQAqbFrewO-VGqjE2IM-fTOcqaPtQjVv5OoLTgSuYBy7CnYppXn_1zM0WUROKtZ0r3JXid7JsqPthq_E6ShlNBGcCMPVU-V0hZfcbo5KgVSG5fe4OZg3PhnJCRdDVhDufmzGzR29Aj4MkixUy_dgueKfHfBf3g02Lz5Aq4SNk1jA34cMpbnTzy225AxKPh2TiA7HSC8NPut3JD8icwhPPD1g6JN3b2wPzVm3DYZ-rByy1cWC8-mw71Gts-A_Xn8aF6bzC49KZzfxJZB0Qs6ouZG8KygHmt_DvmrezSrB3raoHO0ZOmNB_FY6Pgw58H9f3RxcQEWkUPGL_qYdcUNlJFvhI73AXIvWM7SMNFW8IHOaLs8tFE_jEHJCRwlC2uQURCMp4EhsKCUVx4P-JLtuwWxOVfzC2wOQgvrv8h1h8xgcKdnwKFx161F-0k9-pZKkyaXyzCf7YWnwcWtuInslWtHZtSKgK3IwTsXWP4cqQDixHhSdj8m3MvZTb2tnuieddZSRb3jy19uvD2Mwzxa2Fd5W8JW0O3MBAmeAvhfGmrorvj80wo-x6-4yjr99ooPM8eCojyykLE6Mc4dYd8tRSI4-mSGlEzjzNmkzsoyIf5gEqThSoOiqGPBPwRxKlMHzNS4ciQg3RKao5-lIwDfaJJvvzQFFHSM7qcn4y7fIsmuCHuuLcsTDEnj_x2L2P48e8GOhqtY8CoCfKawQyuPkI4rb_KbXvkd7lm6qQHSIazykW3d34DEEU24c8YZcvDXPPTc11ToV2Cx8QYbL_npoykmLK71h1TR1fnuJsOfagHAD-KTcm5jMI-RtSOAM0xMHTX8oWgCeiVjGSYA80wlDdL5WPWvXdCJqk6V9t5mCr_OIzTghsOFYa8ftuFjRZILqIcboIL81zkqdpJs-jd-lxG5ryQWTLQOiDa-YCwgd8EoIVCWv8wduTcH7Bbx8wzHo51cB2TDkWoluyX3n1lyeVy6fRQNPAX6AlTiv6FhHe4nQ9HYBdw5Ge-8BX3NxMy4MFl5w9E-GuqvfZ9uCat0UCRY1l-ZZiKURSLxDtPe5csDZR4yseuyEzbpeR_ZpZW0HiBNxwSzaAXdJ4TGGEaB7sux7ps2dQbzKwfkyOQcm21SyB3ppofz7mj7WZMzX-_ugYv3_f8FwFg7M2pchOHFSy1aAAt74Eyrc2DsKNscIk1zrWkHZM8nQ8y0YxKjFB2AGZKQKB7LymwNnfcn1msfj88DqX6HE5Ljubpnf3W4RA8K_FeHWMt1hNItQwgXCEonG3Mx14k5M_WhzZI-svaAE9pdk6DrWkEPgwBTBG66A48iNxq-BEgTBiV1tL4auPycTi7DggqBOnvAh5c4oIco5AEpbrULdABBDBKUNFmBFHiAxFjGVSWcjKGYDzyT5dfl7kKEfbro1Dcm--UfYtiRn7k3odZNDqDtPzgTkg4faNNyVtSobqzgGwlyCX4knqt7zMTX9rO7hJVm73Nk9lQJqEpyK3VHr3nY3wjneK3bMy18N5fZ50hutU0bBcpgn_Kd1JdgSfprDgxrcEhsZd6TCE197-quKnQmyz45bHUnS61VyYmPCeV7UzF2H3Z-uarHwU5o31BaEE8-Bwt4ADIFjEb-qPfoa9gsUnPP5GHEok6GDi8zaXxSTZ5Ak6-MCTHPPy4SvAGeUnncMXciGNJHp6n0Jr2EUKXErpXu6WIx-1rrOq8CABapSEjch-OBaHWBZ6PQTIJpOLsAouk_HoBCjI2J3lN4zHlpu7BMdk7HkXlS7b7VZWZSIXUpYFlb5lcxHRtcFq--2ENCbeBmU5BIsDsOyQkY4EamaOgjhNWsSTx06yHKTsWeS-UurLDXcwkqv84G6sATN4370QC91tNpSEoGEbI19oX2y0B1T95UMNKYj8LbQznb-PawPfPrUrzfw8ekOpGmndTjlm9m_gZMysa5LLbNcW0Rzn9nsuwm6NdxK3gHiUNHeWDaOJYQ-Tbi_VVO3RqCaP_0REYRERdW-lZkWfRlCYGIVYovox1nnKJLHn1rCd18p8PwVAluhZR_h4FyvTY4mTPTUYs_OgHcfCNQ8Qbm1KChKvknGGHC25w_OvaomdlYS-hOMaI9zpDI7sNW3MGDVwhmPYKhomIOlf7oqYiV7YnUrRg18LF-gAhAVFANTH-AQCOGCixaNXI1Js-Z-YFyUFcDYHZ9GLgQxz3E_faNEpneMZeB0pdUHJle8BO8GOL5zesCKL5yqYaT9vIJ7Y4AnHWMcKTd2c9I1W9McAWgS6dS1JqA1hmOYPtP0GhG09t_CGVtz07oqaMyHM1HcggzErcTGWLM1iGT9dObWc341CCdNMiUug_AxgN95Jk4hyb5ioyeVlXGK1hwKrgSawt6MPZCWYejUMa6MLvuo82oZ6ANUAc7-nwxEdZ0SXKLGM3lH1YmBWHaZ3mkTLof3vYAXmACkshYMHk7SeDw8Ce9eb_nu81YwiNhtq8FbHmBqTuPtKlQWrZqfEnDM_OgnCC05hrJ-lq_CbDNr50P3QoDh05zmdtepWLHpwaxetp9C5T66aX9zBJimsBxMwpdTUEgmTCDDWpqeVBNyCNCAn3fWbcK2NzBhYtAtHIM9_TAQeWA26LENr6q7d3v093kPDBPXpaaEp1QXL1Rhq8wYgBWa10O_nqco64RbFHX-jSFtaHtx4UcmnqSOPcBO9fwhfotFSDQd6DksJJLvWWYpHGT6EXJ5l6Ke9rU5cLMfkdB9JJzDEWBHPKm7DwXBo7a3Mvd0kCWZuwSiAXpT2CjnuTt76hS5OYxSkdd8z9nvyi7i5PZgX4anSvNc0jyl8-6plX5B4zk1LGDi0SZynsP0XOZX9pKov6GTZLtmN3PyAR-uhY6JjPwP5a8VxHriCWUpWhQ5u88NivZy4qph0AgjmDK5Ouaq_UazotEp_BzGOCVEd4AimNKRiud4_AZz6bfilwfqmogi-u1bf9b3ERpTcHdBOzHHXTgvlXNWXD4WhpBqFQ-KIopVDzScBprvLXj2HJMxLz_n4ZEAcW3li5Rf_W4M6k22ga--InI05JIN7SfQs4EKPjpLnH36fjabpPUn7fq-lACf-xrjuurDKPzspC5VLHSj6VSPfoxu5Y58XNrJOgC3sx3zvExwngLQtE5y1yzvz822Eb60eQ_sjijuXOlPGCH69MLIIwHJ6tHFnuHVtZovxU4KZz-V8qTajpU1Ktbug8UEO-ZLjQBOVlSWvgffRLIV02MlGP8H2SJeuTbCNE0B_6-vfviGitod4NImnza-5qrFln4JKaPkR1h6-HOQVmq8yNbovaq3gueP4Gl2z2Hkw8d14qLtYoULauusPzEXjGPA0gbEjeOFvUFLwWbLjX62WhCxDldyehi24p5XBTfYaHXHaYe74jPiGpIBpinYu2mZ3YGjuI7EYwdgP4SpcSxP1J2YbINtc1mjbWMm03urIzyVYDhaKO2vLR25bXGzcETIlNkXnS-w5e7EKulgLdbwJOpTSx80MDthkrPNx3vCLipxlIR9VXA7-Po1OJTO3s_8oVwXf4y2Q8bYEzollXwMsCqtA_2B8YaPHxdsGdHkB8P3y8xizgcVuLT4OmPK1jJCpMIGmxSbKXkTA4-xIuAXBfhNJ6LQ_B6sjRBBF3_Lw0gyt15Ib49lothsfIQbx1e2FFBJU-l0Y6OaSxO56PzxpQJZ5Tmf7ky4KWK8H9oxg7mEGiF33yXoQ1IQKjix9CmNr9O7Wjk2IXaVUcpMzrV2StVhzaK3-m_J4hwGzI76Yx9JBjeAtaY3zSaIRA92ozwUnIFyC16aGAMdfpnzDl-WPJmqu-kh6zkaVBQsddk7UuBL7z3nDn6kyGHc5GzHo4155BucwEoDuy9SiZX-ihgs3LnOej1m-NZFpMwg-VxDkPr5BmFRcFwutKuRhRSgqPBreKjTN1Xc3djYhGtnzYcg2r7A9NrSSPxOSArSVF56zZWdpx7i05UAPf8Q9tjs3wPl_PzB_mfVGvcm8I1f2wvVRSC0L9Lt0wGI178I6f24qpuBwbz91RnsA_fVGfvncecshUA1pppWpoZ40cIGT5RFgyeXJO5BqMEhejtL-tzWiluZjE9yWDqm8ImH3Ia_QStxxpeFPRHGOGvzKlnE7VuJm9ZBQ_jDiGVsZSgPpgs4AyzmBoNHD2VcPKUp7AsPnPHX6W9GvLuSJeZvjOOXKuM&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=5437148198146637000&adk=4188270525&idt=175&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
47672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:41:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame DCB2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BLbLWx9lMbXJ1TVO9vTYgdw9KNf_7R1wlEDq-RtqPbGdu_QhYmUBU7OWeAKC2U0Kwnnr3LUCytUAtdMpCdMZWo-UzPAeBw2bWW9vO4HAajlXGhDH8KKG_6XWh4QfozOXFHPJ8nP334-n4E5yU9dVqwkuENeEiYMqNdOdMwg35AerjZDDo&dbm_d=AKAmf-CiSP90L8UckESl33kThx-9G41IN6eOmFiDWw5sews3RWIWK-31zWiQZucOjQhy74UfGZotaK1BFBqfqF1tGQAqbFrewO-VGqjE2IM-fTOcqaPtQjVv5OoLTgSuYBy7CnYppXn_1zM0WUROKtZ0r3JXid7JsqPthq_E6ShlNBGcCMPVU-V0hZfcbo5KgVSG5fe4OZg3PhnJCRdDVhDufmzGzR29Aj4MkixUy_dgueKfHfBf3g02Lz5Aq4SNk1jA34cMpbnTzy225AxKPh2TiA7HSC8NPut3JD8icwhPPD1g6JN3b2wPzVm3DYZ-rByy1cWC8-mw71Gts-A_Xn8aF6bzC49KZzfxJZB0Qs6ouZG8KygHmt_DvmrezSrB3raoHO0ZOmNB_FY6Pgw58H9f3RxcQEWkUPGL_qYdcUNlJFvhI73AXIvWM7SMNFW8IHOaLs8tFE_jEHJCRwlC2uQURCMp4EhsKCUVx4P-JLtuwWxOVfzC2wOQgvrv8h1h8xgcKdnwKFx161F-0k9-pZKkyaXyzCf7YWnwcWtuInslWtHZtSKgK3IwTsXWP4cqQDixHhSdj8m3MvZTb2tnuieddZSRb3jy19uvD2Mwzxa2Fd5W8JW0O3MBAmeAvhfGmrorvj80wo-x6-4yjr99ooPM8eCojyykLE6Mc4dYd8tRSI4-mSGlEzjzNmkzsoyIf5gEqThSoOiqGPBPwRxKlMHzNS4ciQg3RKao5-lIwDfaJJvvzQFFHSM7qcn4y7fIsmuCHuuLcsTDEnj_x2L2P48e8GOhqtY8CoCfKawQyuPkI4rb_KbXvkd7lm6qQHSIazykW3d34DEEU24c8YZcvDXPPTc11ToV2Cx8QYbL_npoykmLK71h1TR1fnuJsOfagHAD-KTcm5jMI-RtSOAM0xMHTX8oWgCeiVjGSYA80wlDdL5WPWvXdCJqk6V9t5mCr_OIzTghsOFYa8ftuFjRZILqIcboIL81zkqdpJs-jd-lxG5ryQWTLQOiDa-YCwgd8EoIVCWv8wduTcH7Bbx8wzHo51cB2TDkWoluyX3n1lyeVy6fRQNPAX6AlTiv6FhHe4nQ9HYBdw5Ge-8BX3NxMy4MFl5w9E-GuqvfZ9uCat0UCRY1l-ZZiKURSLxDtPe5csDZR4yseuyEzbpeR_ZpZW0HiBNxwSzaAXdJ4TGGEaB7sux7ps2dQbzKwfkyOQcm21SyB3ppofz7mj7WZMzX-_ugYv3_f8FwFg7M2pchOHFSy1aAAt74Eyrc2DsKNscIk1zrWkHZM8nQ8y0YxKjFB2AGZKQKB7LymwNnfcn1msfj88DqX6HE5Ljubpnf3W4RA8K_FeHWMt1hNItQwgXCEonG3Mx14k5M_WhzZI-svaAE9pdk6DrWkEPgwBTBG66A48iNxq-BEgTBiV1tL4auPycTi7DggqBOnvAh5c4oIco5AEpbrULdABBDBKUNFmBFHiAxFjGVSWcjKGYDzyT5dfl7kKEfbro1Dcm--UfYtiRn7k3odZNDqDtPzgTkg4faNNyVtSobqzgGwlyCX4knqt7zMTX9rO7hJVm73Nk9lQJqEpyK3VHr3nY3wjneK3bMy18N5fZ50hutU0bBcpgn_Kd1JdgSfprDgxrcEhsZd6TCE197-quKnQmyz45bHUnS61VyYmPCeV7UzF2H3Z-uarHwU5o31BaEE8-Bwt4ADIFjEb-qPfoa9gsUnPP5GHEok6GDi8zaXxSTZ5Ak6-MCTHPPy4SvAGeUnncMXciGNJHp6n0Jr2EUKXErpXu6WIx-1rrOq8CABapSEjch-OBaHWBZ6PQTIJpOLsAouk_HoBCjI2J3lN4zHlpu7BMdk7HkXlS7b7VZWZSIXUpYFlb5lcxHRtcFq--2ENCbeBmU5BIsDsOyQkY4EamaOgjhNWsSTx06yHKTsWeS-UurLDXcwkqv84G6sATN4370QC91tNpSEoGEbI19oX2y0B1T95UMNKYj8LbQznb-PawPfPrUrzfw8ekOpGmndTjlm9m_gZMysa5LLbNcW0Rzn9nsuwm6NdxK3gHiUNHeWDaOJYQ-Tbi_VVO3RqCaP_0REYRERdW-lZkWfRlCYGIVYovox1nnKJLHn1rCd18p8PwVAluhZR_h4FyvTY4mTPTUYs_OgHcfCNQ8Qbm1KChKvknGGHC25w_OvaomdlYS-hOMaI9zpDI7sNW3MGDVwhmPYKhomIOlf7oqYiV7YnUrRg18LF-gAhAVFANTH-AQCOGCixaNXI1Js-Z-YFyUFcDYHZ9GLgQxz3E_faNEpneMZeB0pdUHJle8BO8GOL5zesCKL5yqYaT9vIJ7Y4AnHWMcKTd2c9I1W9McAWgS6dS1JqA1hmOYPtP0GhG09t_CGVtz07oqaMyHM1HcggzErcTGWLM1iGT9dObWc341CCdNMiUug_AxgN95Jk4hyb5ioyeVlXGK1hwKrgSawt6MPZCWYejUMa6MLvuo82oZ6ANUAc7-nwxEdZ0SXKLGM3lH1YmBWHaZ3mkTLof3vYAXmACkshYMHk7SeDw8Ce9eb_nu81YwiNhtq8FbHmBqTuPtKlQWrZqfEnDM_OgnCC05hrJ-lq_CbDNr50P3QoDh05zmdtepWLHpwaxetp9C5T66aX9zBJimsBxMwpdTUEgmTCDDWpqeVBNyCNCAn3fWbcK2NzBhYtAtHIM9_TAQeWA26LENr6q7d3v093kPDBPXpaaEp1QXL1Rhq8wYgBWa10O_nqco64RbFHX-jSFtaHtx4UcmnqSOPcBO9fwhfotFSDQd6DksJJLvWWYpHGT6EXJ5l6Ke9rU5cLMfkdB9JJzDEWBHPKm7DwXBo7a3Mvd0kCWZuwSiAXpT2CjnuTt76hS5OYxSkdd8z9nvyi7i5PZgX4anSvNc0jyl8-6plX5B4zk1LGDi0SZynsP0XOZX9pKov6GTZLtmN3PyAR-uhY6JjPwP5a8VxHriCWUpWhQ5u88NivZy4qph0AgjmDK5Ouaq_UazotEp_BzGOCVEd4AimNKRiud4_AZz6bfilwfqmogi-u1bf9b3ERpTcHdBOzHHXTgvlXNWXD4WhpBqFQ-KIopVDzScBprvLXj2HJMxLz_n4ZEAcW3li5Rf_W4M6k22ga--InI05JIN7SfQs4EKPjpLnH36fjabpPUn7fq-lACf-xrjuurDKPzspC5VLHSj6VSPfoxu5Y58XNrJOgC3sx3zvExwngLQtE5y1yzvz822Eb60eQ_sjijuXOlPGCH69MLIIwHJ6tHFnuHVtZovxU4KZz-V8qTajpU1Ktbug8UEO-ZLjQBOVlSWvgffRLIV02MlGP8H2SJeuTbCNE0B_6-vfviGitod4NImnza-5qrFln4JKaPkR1h6-HOQVmq8yNbovaq3gueP4Gl2z2Hkw8d14qLtYoULauusPzEXjGPA0gbEjeOFvUFLwWbLjX62WhCxDldyehi24p5XBTfYaHXHaYe74jPiGpIBpinYu2mZ3YGjuI7EYwdgP4SpcSxP1J2YbINtc1mjbWMm03urIzyVYDhaKO2vLR25bXGzcETIlNkXnS-w5e7EKulgLdbwJOpTSx80MDthkrPNx3vCLipxlIR9VXA7-Po1OJTO3s_8oVwXf4y2Q8bYEzollXwMsCqtA_2B8YaPHxdsGdHkB8P3y8xizgcVuLT4OmPK1jJCpMIGmxSbKXkTA4-xIuAXBfhNJ6LQ_B6sjRBBF3_Lw0gyt15Ib49lothsfIQbx1e2FFBJU-l0Y6OaSxO56PzxpQJZ5Tmf7ky4KWK8H9oxg7mEGiF33yXoQ1IQKjix9CmNr9O7Wjk2IXaVUcpMzrV2StVhzaK3-m_J4hwGzI76Yx9JBjeAtaY3zSaIRA92ozwUnIFyC16aGAMdfpnzDl-WPJmqu-kh6zkaVBQsddk7UuBL7z3nDn6kyGHc5GzHo4155BucwEoDuy9SiZX-ihgs3LnOej1m-NZFpMwg-VxDkPr5BmFRcFwutKuRhRSgqPBreKjTN1Xc3djYhGtnzYcg2r7A9NrSSPxOSArSVF56zZWdpx7i05UAPf8Q9tjs3wPl_PzB_mfVGvcm8I1f2wvVRSC0L9Lt0wGI178I6f24qpuBwbz91RnsA_fVGfvncecshUA1pppWpoZ40cIGT5RFgyeXJO5BqMEhejtL-tzWiluZjE9yWDqm8ImH3Ia_QStxxpeFPRHGOGvzKlnE7VuJm9ZBQ_jDiGVsZSgPpgs4AyzmBoNHD2VcPKUp7AsPnPHX6W9GvLuSJeZvjOOXKuM&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=5437148198146637000&adk=4188270525&idt=175&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
47479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:44:53 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame DCB2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
truncated
/ Frame 1149 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15d2ebea38c942998e15318f43f7891d7a3efb8bbe6257b822601c389f013f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AA88 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3DA1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DsVrADE1rtMuHODPxeFzAcKEbbF66WGWaM4T7EsfGYpmAQdmMA2DLsH-Czn1CNxm3ET3n1xkuLdiUWD-KelLSW6Sz-VHhMYyUdOby_9SVGaD_Nbmb_gVMH2kbAxPU9HNU2Ga7Jbh5oEoacS0-G6py0WiPTUUjHILBBzy5-PzMaMwxGFdU&cry=1&dbm_d=AKAmf-ByU9rqL8JvJGTw7l0rzVsiEYB0IsM8kYKqNiQ2xW45Kt08SbUiA95dy83FQ7i7DhMQrzcaNPj5iA0XpytKhA-j9CcUU75O248_ASQTKCuEIZe-t6SDoqt_ocI2OPyW7SQY1ocW7-WRZ_p_3drCTdBdega-yVK8rxhWpTYhZPk9YdRszSUdr7fALmy2TZL40RG_M9rUzR0k_2aYjzTKFkjtc7_U1R1RgZtxSQYK0h89lW6ysR_EUKffr1Y2Ncx3ti6nJJMMD2LJo-tcL5ZjGIoFFOwGJ1XT99B4OS6-3MXW63LuLgKpU8mW2s73-ytS89a2fkMofDXmXQFAluje8xsvRmuzvCFEPNj8FYdel6YY2SOrwrftGTNEFFmWLYLjh_3bpG6g0d0kHUf4wrZH1yCtCwP52WO47Gd0NKEYpDwRspj3cPCB2E1SX0IrICZAlMw2cDxa8BmL85oV9A5WfeAgrqqonHBlC-jAP9kRy6E8NBvn0_yhj2_ctTaqMhJWcV-ABpFLPpN3KL21qfY5WWTpo_lRwi-c0KVQ9WF_-qFqtDALnDqx26Ai1t9HZh3NWAD65_EiK7DdmxaKsQThldQfrw8GCTQw5h0rUweUKLMkZN3fM1_g_A08W6aLpqp_NhG8usQOtgv58Lbs0kvpNK2KVrUq9xDU5pGIzK-XDbCZBbPwuu394L0E2uKqh28de9ANfFx-aPO8Wp0UfdAzy23XECoFxMfMMgynwJQd1Llk2bhmqTZyTf52jK_imTc5EKxg8Z_Fu6EOmNqkVvNxNi64jMQtS4Dn9Cqf3-Zjx-n5YEDeVlp0O_UHdF8Xno-zLFWPpInwG27At160lJdRiaeqoKmqrwbOiuCcWehEZH2bHWIuPeZ7b5ekCo9DDx3XHrzaAlrbxWlYPKvD4xTlrOE-Y-xZFgvhLaTB9pf_GP433MOYX_gATMYFq8Zd2KVfafrSfhQFJ0w9KWRKYy-hjwtdeBsfbaeCHPddw9ZSnI_7rbf-MFY_CSbnoia-haCRxTMfsXJO3TbG4I98kaF_E13NUv9w5D25WQ1p-6QUCT6c_HicmoRhB1qHoBSk6hghBMeaqXkzHpGs0WtsmfaOEF-lTWUtu6lxQU4ABD4hADFlilj8K2Q1Cmu7j9_SU6oDrV2EZN2Ii6uK1gTPLYfcsaVG4yVmiMl7rWSAnyg_jL99Z7wqPbMoq-MJxYpLSW4-uLJvFBSPt-pMAEZkMpiuaq2UFEvD75PQfZ-215KQGAie4g93yHynOO1VZwwTz1C1catj-5Y9nG7khWNedIYIU0vNizAn8kOQ_KjcEXRl6exH7df7OcXnmiQWjhHR6rLeotq3bnJie5cUEYmsfTXdMWefUxirziB70O7stW5hMF4_tfQUp9oc4R4JkZ3fkf4tyl1hLVmsFNOKsL0bh3fej9JILW9Yo69X5Tm3Jt67wkJRFzlAN12_n4TEG4Yewd45VAUxnb0grRzUKwooQoaoy5PrEkJoDgbeC7zaN0_8opfZGqmeHJEdOrI79_2khT34Z4i5PhMNRighNY5fNh7PIbiyqqsEQChlG8fVUgM9Mqh2zvXiGmjRIfvZnbcF_QmNdDWNQZA0jy-Ggx3OJHhOpSb-kB7fBD1_58XAPnPi8QC5-K6XITkOiJnfvZbkOI2fSkp2Rgj-FS2vUWmcGBOWnDtBaHjpD6GqwrFxjXkYa1ydc8UT1Vw_qhCF16_TSVNUurWUtDHNe6m0rS_U6jCeirFRYY3yUAqe_M9r9Xhz5ZNXuwup4OK85XviySgX9IUeBsKzFCaQS-AddpVORFZ5naliGX_bnHw13Tx5Q1DOvR6So807qcf06WCCt0Yik_XsPtMffcm91cwL_CIWqFRaLPVvwz38WTh5h2hBbWOU3vFjhA7J1bJJ3Za9_TA57EKlLVZoFR4TI7aGRoWqW-9JwgKnn-ck-Iu6473hp1px8XA14DJ_NetfM2WyjJM5_yTjX5yxHMsHetejyGWP0pdhxORlor22277ks5y1m4BiPTXiQP5XrVsU-wqA8Bc0ni1EnduADJQc32l3M9VMRTRA7iUrIwIKCTfAUCnzF1kEb2jptGVs_a2uV2meqEqPxLRCtr2N4VDAkKFaOTynfcNGlEOOaI2a6741Jwm_ZVUtm2K-CDgsLpVvdAcmD8oMIB_agAEqsOFOy7RsReTOY4h0jNvMmIPHpadDtFpztKbV7VFxtIFvzjJ9ufxstFYZuxQFm0VbIEEbtoHC4NPnepVESkPxD_FWJnSuvPpnEdtbj45TycTgvGQs59vG74s8DmdjyFSyFo98cTjBvZP-30ma6fkJeEOX_ldYjutNWvYkSf1HVG2omCV9iCL9BL43ZWocPhhWlFN0nQ8O1SsWnuIpeatT8pWI30gGFEQGHMUhzq7ThClp973n9oX-bCpiOoyJaiRltn6CLnIs5w414z8fXMDKAk6o2hhynh0Av2GS6vbrmghdG6CnciXh3lKTyvY53iVgI9gKZTRzv3BMLMB2DaT-MSQ6xyecNFMqYZybV0ebS-3OiiyU0d2BgnFtg9kMszrSO45h5ElIIsqiw7szBWjprdTk-yX5BPwdKq32rtuZcIS6suJGCN3zfo-otVwZSeigssOf_fbXYWe1sAvnWB1nDk4bRcxYZiLZNdMWqvpZWj-ESTWtavD21NSsxwCFPJAJJP4UV8Xm0s10N6bG4UwD6oRoEKgG3pFtVWsoF0tRczESGdoP8vJQZ_hWl68Oo947gqu4AfnWShBc3LJzLrH-_U5Sq5_sch-lmofB4LCslCAHXdGZWNeEEJIWI9666aBiN8s52tlkFzoJx0NiqafnEOHS9B-QrI6ehL9BrDP22UCTzG1Y-CJPgZEK32qMjLlaye_JkWlxMAKoYBqVtL6i375htLdl4ZK8GDNFiFLitwcZ0Z9S1wSNp4Kn93OEld2vDxZuTDL2mXj5K-CuKd7GiOeTyGf8qSGK5QpO-zv9dPnSdVmJJV6of67LKt6A5khszlr8HXzGKrSvPF-MrYC-eXkzPfFttXNKOBgNaX8xRpySx_qXnduJ_PhogkizxsbB1_0sr4a8Vw0mBB9oDsSguy14Xh9ln7gvesYC1QmYRe6tr1X8rupgBJ-c0URpICmGlxIqJ8wylh9HHvcj2Dzchi4Ac3eN7ADLqbSZzg2QvsIUo0QVKV4U3ODy6qA0LwWe-9sUXW4BLpNhPOojmDvj7IKLdx99MGOZM9kDd2m735LE2tZLpLVQwfTqpNfDDgd3xmqdBoI_46jKjQNc9xgE4r0nl8obJSS-6scp3qxeSRHIaZFpaaeADkRzO9FEaJ6YNntv3PjkanHiuI90Wy5RySv0Hq2WrzbqoF3d7m6J0zvxAnDxwJikN3uGE5Q1J_8aZTlYHJXhddARnCuah2cZLyy0oIJveprPVWpV06BEAZuwDRICu_trbTvJ-RxJCrVRFxgXU5ese1uZM_LUN5D2NiWS-mvnyovBWjW76DQtdQf669-tVmN1mpCEhxBOwKbm7QJ_MorPDSqp8Gmkc9fzfZyjV5dKcFBFBYFl4TwclT-LArVRobDBb_gelWqIhqAedxcUqbXRbVP26GK_uoDa2iMCC0v1xQE4FpD83bi_C2KIDxPipp_9PV09qQMAd58gDZSFYPjrP3uNbvVoLPCDTMCNoJcPwliurRgsiPQEd_ipoYErukdteN1Hk3EouaDA046pI3ibRZaYZOQjEuGSYjDCDBI-UmYd-qNrS_-eOJBVTZF0VIZDjt-06VRdSxvycMeiGlFXATDHd8DRFrl-8d4PaJ77wDkmg0rd-vaaprO8MAfc0yCKOKqZVzNOlfcZ5C68YcfjYEgPja9mNvVY12bhnYkA35I6mIk4hQlWESIbeAJgOvVt2C58fr30GZSkPCnKe7d6vkiaUFc9uvqHyHgAYbut3-ITJidJZXC5Sju4WEfqo_FbyQ4-1hGfexLVGsmTBfhkj-DIiCvt1lPVPlkPvCEkJCmKOLjdwA-5witpI-p1zo5q6Zpv222Oa1vLbywYrwc3Po8fzSuR5NcuNvyYgFLJXzEBLdqm2FssLOKDmZIibBrF7ygqi6odVTpUtybJU2ESBMIIo4SGtcwiApgIKH7EGQidhl5qGA5Q6iaJCaIAcVYvkPFHHkJ0_WCT7aVnSrvSu3h6gigeiYa7KXgx9UYAR8TScVo18KHSfaySKoP6StroGAIiWsQ-bekF0lLgl1xoazMDYANEA465kv3feaba9d7L8vFiugCZV-KDlZngKFhvd52TjwPF0a2QOGfU&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=12028398269549883000&adk=3661671305&idt=192&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2ED2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DpoHsgYtZN0u-zAiRVWk_KRpZ8Gt6IGRwYeQUDoUCg0C19kuN69EfBUePqDO9FcH5Jq7W4p-D0-5GVtbZDp4wzgvL5z56jnmP9sbXraWPrLjR4fsvsWO-xiymvGZ9JIjFsUf8ySPzD5wC91Fepe7mcL1Mj3u1oawsQtkoPLrE5e3d_vJ8&cry=1&dbm_d=AKAmf-D1cVZtThx8DGaP68AniUjFoxzbrdFEUEN3gaCPVjjZRV0Ik0_mzssw3INDvYLBm3rGiEhhWOANUG7mPdD_78WL1FXKWCQOD2NFZ8KoOPbACqrP9F312vzB0mRlYGFWQeUE6v4QIyS6yGMebyW_fAzchGblkyeISpt2qy1JTDyZgBqCLTeL3oSTuag337yu4z-Pp2omsB0iIe78HaCVQudoCn0AbNXVNYJR4phgGgvyk6rYPxiKkBhgsfsecAwdkmpg0TJBkIgHqM6Rp7AvbH2X-pmSIBpYM0v03_qX_NTXAmvW7ykqanGqWtumoL4H6G02XzNt_9kzPyxCfdFtaPxVjc5503xlPZk3CRkJiS_2_Zo7nZDknYDnCeFeL6v1ez8moriUfbBF1aEA1m_1wztTvYikXXTuZW7-DWyUxbtl45bEcsJlJPmqeRlTTmjdYynYxo9OVZqjKuYRFAPKEm9ArLUjh308k3n-YYgagSc7bgvToxnNe7uGOrvJSbA4Ax7VgyKPVsterw0hc8tv5HRmbUSB0ezLFJkAhACKzhjHhV6PQctopUwz40Mldd0ss6P3Mwn8qfqSpteugaIhDB1oYiXJYcAZ9ICxW4ZMCkW3N107Fb9zVjLCSG0q7LvT1Ch8rnb6o_3Ht_bT8caAhYhwp967QNetLBzeATWuYCHljbcfn0hV96IYGDHrRpaAwoG38f8LgeNXrr3RQMtCy4KPVr1vmWtIPijxs6IId9DuRhrp3vsFzKi9lNvKRZrvR1aUomB6Hr-GU8nd36K1H5qdWtdf9USO5-QHkB0driIFa5QCLVGYvuRM9_AyHpMT_1Q39ICpFQbeqjd364dAaHsnpVEyyLVGSeQ0lhjOI9t4YcM0O-7c8q1rSQn_Vvn2eSjJ4a4yYhSPzTWPb0eCXOoPMCX48TPr3nAyWm2_XxOTqPOM2bgezS-FT_MWDrvTHh-QIKa4rpA4foq_qD1flk7ImsN9eaCOdFe4R-sk7fA40pK3CkK7u0XF_gPu2EJN94yTJhzdDrwtaEhTF9OPhzkd3gwvLUhSd4wuP1w0GYDJ21MPy5sZR47TM2Q9oN88IvaBsBFFxhtkGOSCCp706l9wlnNsbt7zXK7gHL5fHhVY1mIuwKaT22mW764gyCVo4e5sdwuBXNzGKIktUHoNliqvRIRT70TTENcSNYI2yigomVvc4cR8-7IpCLJFftAT_O7S6eRjG9DzZc17tmLs_FlseUs6y9iZo0S2XDoCQoS6gfX4uxKLfdxG4EXYTY06PNxFnVndF0beG1_7YrYI51omOThbqa0A6HwWv1wGajO81Ia9YlK-9RTITJd7Ve8tXzXW3k_YeHvJ3WlNLaJ8TV00Unc7-_Jr4COKZAlmrvWROx7TdtN0yzq_L43jrNY8niZY6SReWLhJcd79yMDvRS3UmpD9tG7xPf9B6stFky8CxSG5kNBUd72qsYkD2pGv2L8rGjvo8wCbhv5luZ_IecNZSo2hTRsmMnJpEO2ju7Q8hIjeNWBhaEhkOVeHodIpKGcDBWsq9NQyxvkCaRI-_X2rkik6OS3ivlvzF5PY9F-SdJUsbXEeQyO8nNmoAvV70nSKmd5Yv8rKltk7oLXhjYoXvFMOqY1Yohli46u7os3IGKC8Dy4jy-ZJkfqgf02yoCWd9y5stI1yCRuE3v8m0XHP5_96etXqLlnOsJ9JXwtw6vQcMrFwBUqQka8zPz7J5c4jLKJW4In_QOlo8M-Hg7czpOHI_A_WVoejyWCZhQf_Rmp9YfsCwOGUkJ-7nZbs-ODyV2V_M-T_neuRjwkR2BBUFwy3LLm-un9OJEHwtWjhhxGUSaSdkd6fAOlxaY2oxhv_j35Pg6IF3q1XVdeacEPiJsK9QIW6lSwDtvfGAQBPstL6ckCG7JFwH0PZXv9q8Qv3KDiVRqH35xNV6XACcA7EBV6bWGUmtpS9nq4nwjmJIwRUOTTA1FLm_na6pMugw02BjHeB5kKZmc0FXtGTE3Ri2y2q_7Z2J3VyrSifKbwHj-TOWzg-M84DzSjgaKz2f1HMgIJivHEooI5HqodHzzczYvQ4H3uJtaOyPogx2N68UCP2MaQRhrxQooz-s7Diw6FyiCmhSy_B395qwYprHyvn3St0nKpMco5EOWWfhGE3_8-l_Y24jU6P1zUtGwslReh6hRIl844vJhqlnYNSXrc-rQbsqCm_iYrgMLhdDj-Ik_-S3CzSeWZXTPjlBcg9MhLiZ0-iiSB3XA3R00-ZOjMKFF1gq20ct7BfAJBHKDTYbSuk0wm192_HjYOjzaiFeti4lyABOYkVlMEl0136IiEVNRwBAUWbbpoDnDbImgaBSAiKpOPmYtTjCEyoOWaNlyo2nLN6v8HCieM2RKKUmdTiTpjFCu229JnRvB0SNEjV4bDIDZdpUrp735pF8YC0YFRqmH9yiRL1B2usaFqYCafcYoBfAmXIGPL2OzbJ2n2NnzAHXO68toyl4F5I1LV_4We0OTSJMVKWbI7TH7L_rKQvWzcQtb5fR0egH2VwftByuYimn37-nUXtSpNwtRLNOLfU-5aWg6DqYfNbt98I67FPIjUNRQE5A5FhR6czynVDftoMhicR0CK-jb1loaS7P_ZV4qJL5Z1k505MckaA5K4D26HtRrQRMgxBdGZu_TVxw1zq9byZRsRh0l8Hk82RE4rUMCwoKp-LwGE3is6krzNzC2CIFlzZdTiospthXzUYqll-t4NWo_-aqQZAJWThG8EVKJPyjUjJkLdAhLBtOsOiNHyMCN5qrr9m_KFrE-j_0lFsBwItxYtJmFe5Q0rVmZ2UeB7ljZkdVm3uhlCGcK0RlRoDTZfz_8aOLU_aygJ-DvZbv170lD3jIaXJ0YSCaQBvGdBlW3e55Jclx9K3lw_46dUauILZDMqKxnHz96RaphpcqB-6WG-RifgGKolglIQqx0ulSbOe7zvzD6R0k5_7yw6fqd-EuTAor3Zp1u6MV_N2t5sMVFt0NiViUMc8wDUcuInu0dFeIMBikWVwLhPhf_NCBkKziLTBkqXtmSzN__JBivTKzbuPrv3ZWQkqu95wauk721blqWVeRL8TT0YaEkdwvuyxKYaj8rMVoJ3BZDTQo4cZTrihgS-UsfdRvxcPVBEMRL10ltdCz5Og0ieeLnbdYlDSmKkUnUAdFQ2pF8GV8_qVXo3Hza3hgVfmA7iFPmoUoYleuJI49_yQReRQPTX73obRnwYnuOt_kCzr5zD8bnTxjQUixdwR9Z0d_2VAG1KBsohPHmeYhyhJJdBBzJGrQFcVI_EbdRxAJAKefSBmsXlevDddPzUERq0_xFLPu27lH6tKiH3litN49SYZKtfwuWsfemqYZxasJHkUfXydjdgxrNKSGSfYajKAVjmLn1Veo7ajN-Zah_T-SwZRNOQSrjHQE1coFSHpb_ciAm3ab1lJW4HmR-ltvlTUdJ7vTZ42Tcteczm50I_gQTsrisJFzNpb9ZvYzcLWMdf6dBcuxknRwcEsPo46fM9VwD83XmTU8EdPwGNTmJIGK0T3yp8KjrUiYidBtoQhhoYNCokQwSqj4-unHPG4a4RpL2CRE9qJ7L75dGui6goT-cBztOa52XuBIMibADLE70AoLE0sb2gFKuv4cQSmjSwKXspucssFZN5ZXSAlmDTCLmZIiGHElVW-T6sDUeNo_FKLPbe6a9gVOSUaRFrocIlr1gB2poGbiV4LtM6xV5GxIAmX0HLFkzHdmmBBoYMLYWJxGL2aPp5DTl4TsL6VnHo6LJ7Bboq7HyNuJijp09wGbRtM40os2qXZgROVgM1vZeiNSKjS3JpoPiMemwOEqYAKA1uCD-naU6xAcFU4AHMy96S20VCgqMnEFr6WAlQINbIuQn-leX3LbXTOkXoZi8vUaq0IYZKkIZ31S0eOgo2Vh6jDuQkUEBwMNoMi7MWd2OTuBKkKLv3PHz91Ms0r1n_r2epnv-IoJF6Feg4icNt7KooXldKWw2VnNLmeeo-YjN-2eSgJFp01YVNvieUUlL-I7g3ey2fShZF4F3dqcKVUJyhYt1RFrHkcMpkf1uTr71fU7bP5dmAPEjGNhMuyBoQ4c1cXJ9sqQD-0iz7UXGB4UHHPJzuRd9zCsvdalJbzMy82zvGpIt-ijWWDD__WqjPy5d3wV2fjFRe6qDAM_kIsYg5PqyadIq0MXyNE30mKkxDcdZokf5RQpCkOTEVPcm2CbwCi0VsK2EclcnyPR24EN6fTk_9rEXxkgA4f7hIRSx-npCms3o_qfBAWsv28wkcpzNVY0IJ4&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=8267670395138575000&adk=496764934&idt=125&cac=0&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1350098/69352127/ Frame 647C 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jAxTAS5okosqaL2ylWyoB2
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.170.10.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-170-10-64.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d9282c8665a36b0dc1be6b80ff0d9ff1bd7e13e90f21b54c2f2ea237343c31dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 647C 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Origin
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 16:21:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 16:21:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/ Frame 647C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxvs4PNMG9uMuae5lUN4Ypr3We0_Oq7P3MQX04mKoFmatsIkjzVonb_r9LUbKzub5aFAwT-QUNEG8GD-XvtzvAwkTXF-r9pLBYrBb10Wrfeyjzcd_2hQ1iYPCsl0oBPxzY4MAtSBA_LCcqvJ-urehDtChK-t1T1SL4UHYHaTIleAntMLo&dbm_d=AKAmf-CTHn7EYhCOoqJuqtH3Aw3gkIvTvto9i0JUr80hg7uVbJlNz9SJbYGKfSuV4W7SXulRm0BCDU18kyOeM2JbqoNSI6y5dA6_gKxVAuw026SHjGp6DrfAOhsP37m2ukg1m80QtATEpYAuOAM1mEHkEmhpkCLd8sAUPx3K0ldgJQhPkh06PDhZa74bc7KPg9Cfealj1QRc9lv6KjTGS9rNgJZrQIgG_HUy90sSfm5xw9bTgH0JsCqUtMOYgwlr_3nTCM87ZQVyLjn5xSk9kHZ596GonB0qEMLuGvxfP4BJaVJ0yTvHHvWx4M3nTGTPcZ_kzr1Pd-PnAg-SN4S-8mkNIhQEVTxj6Fa4pgBVeEmCuSntEjRzEwk3wX06H-qWBmJLbUdQa_YC1UJQCRj5JBCQ4_58Arm2fIM8mzdEy9B--C57gwmTnrweuQ4Og0VgY6Sf9-qEIh9G85pmnAu-M0lPAQnHcczfPTBIQjssXhiEH-D_6Wyi3uNRZ_2A330giaQeeQlOGlFWy5mGL9eb6pYUHNJ5clNSj9Jn-aniqpT0UHMwjAAfrRREydV-0jZlLteVpLnE_O_cXYEe-fxe710OlX9IyeaOGnTDkBvPx7fQczodNHD5nzlxLSq86TfD58a_okHU0IqMQyakfRjsivYp6hAseihE39QYz-BPdVrfE3cgxOlmpgBpQDH_VChxMnDHgMhnSwxy-rS2j84EkztAsULdoW_WNI96HyGQVijfq4Gd-STZpq-QnY3FnS0F83TvKIe8Pg6Wb-uNOyV7p0Z_PPJhhFkSqF39ZsvdUoNIsX0SwWXU3DuGdz1q2Pn2rXG7EebP7Pwz1DNeSRVJTx9wR1DeiBiIQRu1_wmnIWm4dMKSHPUVhu7RynmXKvHokgJZfyEGwSoxRL-MRaiQMsKamm-ZZrILqAZf8QSqWYGdpCpIP0YqyDOcrs8Pq2Tmatixob8W2Tvh9iNWlb6_iSAd0oWfJ4l8qSPoe92gRj6OTDNrJ7lLaqWh8eVRRGvnf63WElwSC0bkx7Yks_ugCNzMxTDe-E47OA6UlsD7dPY7zaWq29FHV97Mi_r6iJJCdpBfUIHPqqSs12is7xhPxoz8L1xPIK2q7MJiubVM4PxWoIcOwfWZb_GwdHhxHg6K_hrDpyMFBofs-VMyJXIZ7h4Veh9SNUvT4U0XtGFJg3ljB10miiDJ0i8isxOxL54SSOVZ5d19HTqquV6suaqoIwfI4ys3mlehTOh83FHBUo6p4FUwvc2vhgZdwI2XuDNON9-4qUjylpX_PjZtIcHVNbsugx7sAy6vEdop_QuSAGH0uHqyrJTV4IF-EYxuyU8g1krbcJyGu64iKD2vlFYS6Gku80TTo4xVJPe_XM_j354Gf_dnFm96Q4Uc4DBJiPeuxBRWtik6ZBtm70kFWRGMdXJcmipfteaZk5K1OuyP-Zz-ouTjjrbDh0kPgmmQzEl_kuFwU-PxTgydPbOM_mE-65Q1Hyo-C0zcivnuhwgDHu9Gl_JopChaW9eNNaCiw_9V0TWmNXbmxcGW8oj6OrnslPomPR_aV6zz7my7D9Omwwmd3IVXAy0lprqXGDJAZ92bxdGe3UMhrucUWz_tROjaxgeeOzCYQvto47-uA3A45QLzbMJ0f9eGrgYOxHKtACGqK4vkWY3B9hCDQq4VnJaiGGb5xyTbopMiruhc8Y4pSH_xRq7qGcmyg1CBROh5FS8NLfkjv38cRCY5nAzLn8vv7P5Rc7egZdoI993t7xDxmqZFSYWxWSkN7B3Yw_zFo9_bqYDXKffvcxyuYDwItTgx1joUoRhAsNcI_5N1JfAu1ePt7uLKIQqcSEFy-OWZDWSkdtMXAW1rmaErsulWN5vm9smca6VvJj7cmiVDBdcvdgCFtdcL90_7s1vOAd94mAkUCz7X467YCLO_SrlDubTdlZqkfcmIGoX03q46B0hUfbnpVjQgDtU51nfoRTNk2J7FptcXcE8oORwKKxruF-9ad6hHLGmtpZcqkXhwjoFzuJEIdId_uHXlOcOcPBPD6Ie4KEUqjPoGrfpgq7TlPu8uj_d89BMY4DVM1zZ29EUR1d5CTGxGUBSyb-FFah71JowbS6l45sHA9yYbTZ0ryYKBtxcqIJ9xvQ1IeC73RyKN4PGSGo9oTVIKLMIuPoXM_1kFEDIjJxyovKOk7EXy3BkXzmtYPqJxBAFNSTaXA5y51DXXQAup-l6jtrtt6elaXzmA77zVFG9ekpoQv-iduv2Rc5C7opl7uZSHGoiYaV1ZX-ECm1dxQRwT59tHmFQFOGObk9Tyen5AHhnUok0_RTdqSbVRjoi_zH_u2S8t3-mSOPXMAqdWfp5lThV3FRtQRpIayndIk8W41fkH422jyV6jqYufbapJcRy865iUrlLpBCH-qooTgy15yRPQ52i6betamwcWrs9KbaEK_GColzVDxSSPDEsdcEoCnMAghnuBTLQ2HybfMSvfSj9sO8nzS7don7N4dnFUCpDaGYyVj2_310tyB0LAGVVueMm2RybNY7fGq-piO9qgoX0J0vV9zr3uyhMltDgdbQmCgzH_mljuT_mblqLuSD2Q4Il7mZjyiSiU_PJ6ztKQy12JcLvY0QHEH3isdeSKj_xdiJPYjwD2jK1XYGdEZcos9ZZ5mS1WSXJlS--AgBDm9YClxDSG72tVZG2ErL-13KE5xtcu-CeZi6ZwfJevHsMiTAuG2wqOyz6eMcQRIrKvlkzSNUMSpmKCNc34hg1UPiqSFi4h8pLUR2xvazS8mbqsegvpkFQQEUj1SMTfrB71fjyEmxALEFrcNVcrfdQqmMlgKPpnhA2Psn9FVcThHGYHy3dWm5e5l9WYoH6HFxI4qBSVeEhk29G_VHCaQbjcB9x9Nc6Q-IrcGZh9zPOkA5j_Qotm0kd8jIjAL4TKJorzZ8qeC1g7pSu2duTM3JCzo6ahLzO66WyqV3RJTb0Ma0kekUYvGya3JabpAKZZmpiMd1KIerb-9_msG9TFtTh4tH5RjvCp2mcGBjra5kC6yOP9DJpkbUnpSIOwO6qn9nztg8y93pJrZHR1R2-WXVNDOsc3j9-9qxIEmqnFB4Sl_DVD7rzTiRrNJ3zwSpbj6V6FKQXkoG58_6wK_kYv6ysIxMg4msknS2pD7F5cPnOHwCDwAz-UYL6iTbIDpeszcqav05eyrzSYnZUV9v8IRadJE-yRGePbJPnT2vLxjPNcD4azt9h7a9-HlwBvvU85reOzW4AlP4lE2FCLHQgsQcOiYbznfK8UwNG2aPTRh5DzDOtgHhubScfSFPS6-s0TG1_49WMNEWxu7LVyXcPwcxTvii1i04n3_nsGM8qqEinzvukxJCGjdbifUB8QiHDElRFJ9tkxGHA6N3esUBqJn6OMFg949DpcR6ZejlZPRm6kg-W3zcfe9NFiwWXUTYXGqW_6-RbA937l1pIE9OorQPxapVjSiE97vlhuK_lPUazzPePsgxO7bV4xudMNMGVn0D5f4yuiX1Gc20kExH3_2BHLT6ToIM968dCBYzyvc0McX0577U_6ZqSd9bWZSZ7nN8DlXy9Jlyioev3pPM7gZIfHBaK_3ZPtFLdB7pk2ZasoCnla-PsJuxmX60eR9_0Mr0YnsvtSOZUEgQ5dM3oawcGSpbdtO9yTqTSzwG6iJ7_O4AoUILEmm0jlEaeceQEF6_Fuwh2VJakMkzGckIEgN-5lP8mZTtbmCwqfHU6AINzI16rnzQyjqMlIQ4ptRtLY9mXZLvFrxfg07x-zFIMidIe3MvBXvvBloUxXQaK5MSxrz1Wbka4tcJE9AETvb2B0-f8ttYEY3x-6ujFamN3G0Q4Dy_9HXIIevbzkvbQbzcMXdO-9l8bF0y9TifEWbYblasuL8vcYAwN4Ggpv-aMjr169z6_r9zHJp_mPr0BplgoA6gQo2vozyEHiEc86W94QlIeY1nGHt35PZ0p0W5qGsyEd16fNY-RVWmd2yU6yaGrcves7KVfvIsn0PV--n5qd4cqXH4xrHvivrymAiDnjaSsr8kISpeDjELXQ7ktZoT0L4cRpwXsm8CDlJho18SkCK2fZZNyc9Av3BmiFk5GjfgeaC7GoALQvFBsh5RmbYIDKnZ9bgOdq_gUlxMihW8casq55xXxDOtD5C3D7-7Mk7Kn9ywB_YYR1IEF-cgMBBjr6btJeSzgeHcOd0sQUF1qJiPmCNDuf2cI197mpaAj_CWIDPBRfgAWQVZeqMV_DwPLR5F_1LqGAeRV_-FnHJuZvWpCBVcc&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=2065509241962634800&adk=792902355&idt=121&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
47672
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:41:40 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/ Frame 647C 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231023/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dxvs4PNMG9uMuae5lUN4Ypr3We0_Oq7P3MQX04mKoFmatsIkjzVonb_r9LUbKzub5aFAwT-QUNEG8GD-XvtzvAwkTXF-r9pLBYrBb10Wrfeyjzcd_2hQ1iYPCsl0oBPxzY4MAtSBA_LCcqvJ-urehDtChK-t1T1SL4UHYHaTIleAntMLo&dbm_d=AKAmf-CTHn7EYhCOoqJuqtH3Aw3gkIvTvto9i0JUr80hg7uVbJlNz9SJbYGKfSuV4W7SXulRm0BCDU18kyOeM2JbqoNSI6y5dA6_gKxVAuw026SHjGp6DrfAOhsP37m2ukg1m80QtATEpYAuOAM1mEHkEmhpkCLd8sAUPx3K0ldgJQhPkh06PDhZa74bc7KPg9Cfealj1QRc9lv6KjTGS9rNgJZrQIgG_HUy90sSfm5xw9bTgH0JsCqUtMOYgwlr_3nTCM87ZQVyLjn5xSk9kHZ596GonB0qEMLuGvxfP4BJaVJ0yTvHHvWx4M3nTGTPcZ_kzr1Pd-PnAg-SN4S-8mkNIhQEVTxj6Fa4pgBVeEmCuSntEjRzEwk3wX06H-qWBmJLbUdQa_YC1UJQCRj5JBCQ4_58Arm2fIM8mzdEy9B--C57gwmTnrweuQ4Og0VgY6Sf9-qEIh9G85pmnAu-M0lPAQnHcczfPTBIQjssXhiEH-D_6Wyi3uNRZ_2A330giaQeeQlOGlFWy5mGL9eb6pYUHNJ5clNSj9Jn-aniqpT0UHMwjAAfrRREydV-0jZlLteVpLnE_O_cXYEe-fxe710OlX9IyeaOGnTDkBvPx7fQczodNHD5nzlxLSq86TfD58a_okHU0IqMQyakfRjsivYp6hAseihE39QYz-BPdVrfE3cgxOlmpgBpQDH_VChxMnDHgMhnSwxy-rS2j84EkztAsULdoW_WNI96HyGQVijfq4Gd-STZpq-QnY3FnS0F83TvKIe8Pg6Wb-uNOyV7p0Z_PPJhhFkSqF39ZsvdUoNIsX0SwWXU3DuGdz1q2Pn2rXG7EebP7Pwz1DNeSRVJTx9wR1DeiBiIQRu1_wmnIWm4dMKSHPUVhu7RynmXKvHokgJZfyEGwSoxRL-MRaiQMsKamm-ZZrILqAZf8QSqWYGdpCpIP0YqyDOcrs8Pq2Tmatixob8W2Tvh9iNWlb6_iSAd0oWfJ4l8qSPoe92gRj6OTDNrJ7lLaqWh8eVRRGvnf63WElwSC0bkx7Yks_ugCNzMxTDe-E47OA6UlsD7dPY7zaWq29FHV97Mi_r6iJJCdpBfUIHPqqSs12is7xhPxoz8L1xPIK2q7MJiubVM4PxWoIcOwfWZb_GwdHhxHg6K_hrDpyMFBofs-VMyJXIZ7h4Veh9SNUvT4U0XtGFJg3ljB10miiDJ0i8isxOxL54SSOVZ5d19HTqquV6suaqoIwfI4ys3mlehTOh83FHBUo6p4FUwvc2vhgZdwI2XuDNON9-4qUjylpX_PjZtIcHVNbsugx7sAy6vEdop_QuSAGH0uHqyrJTV4IF-EYxuyU8g1krbcJyGu64iKD2vlFYS6Gku80TTo4xVJPe_XM_j354Gf_dnFm96Q4Uc4DBJiPeuxBRWtik6ZBtm70kFWRGMdXJcmipfteaZk5K1OuyP-Zz-ouTjjrbDh0kPgmmQzEl_kuFwU-PxTgydPbOM_mE-65Q1Hyo-C0zcivnuhwgDHu9Gl_JopChaW9eNNaCiw_9V0TWmNXbmxcGW8oj6OrnslPomPR_aV6zz7my7D9Omwwmd3IVXAy0lprqXGDJAZ92bxdGe3UMhrucUWz_tROjaxgeeOzCYQvto47-uA3A45QLzbMJ0f9eGrgYOxHKtACGqK4vkWY3B9hCDQq4VnJaiGGb5xyTbopMiruhc8Y4pSH_xRq7qGcmyg1CBROh5FS8NLfkjv38cRCY5nAzLn8vv7P5Rc7egZdoI993t7xDxmqZFSYWxWSkN7B3Yw_zFo9_bqYDXKffvcxyuYDwItTgx1joUoRhAsNcI_5N1JfAu1ePt7uLKIQqcSEFy-OWZDWSkdtMXAW1rmaErsulWN5vm9smca6VvJj7cmiVDBdcvdgCFtdcL90_7s1vOAd94mAkUCz7X467YCLO_SrlDubTdlZqkfcmIGoX03q46B0hUfbnpVjQgDtU51nfoRTNk2J7FptcXcE8oORwKKxruF-9ad6hHLGmtpZcqkXhwjoFzuJEIdId_uHXlOcOcPBPD6Ie4KEUqjPoGrfpgq7TlPu8uj_d89BMY4DVM1zZ29EUR1d5CTGxGUBSyb-FFah71JowbS6l45sHA9yYbTZ0ryYKBtxcqIJ9xvQ1IeC73RyKN4PGSGo9oTVIKLMIuPoXM_1kFEDIjJxyovKOk7EXy3BkXzmtYPqJxBAFNSTaXA5y51DXXQAup-l6jtrtt6elaXzmA77zVFG9ekpoQv-iduv2Rc5C7opl7uZSHGoiYaV1ZX-ECm1dxQRwT59tHmFQFOGObk9Tyen5AHhnUok0_RTdqSbVRjoi_zH_u2S8t3-mSOPXMAqdWfp5lThV3FRtQRpIayndIk8W41fkH422jyV6jqYufbapJcRy865iUrlLpBCH-qooTgy15yRPQ52i6betamwcWrs9KbaEK_GColzVDxSSPDEsdcEoCnMAghnuBTLQ2HybfMSvfSj9sO8nzS7don7N4dnFUCpDaGYyVj2_310tyB0LAGVVueMm2RybNY7fGq-piO9qgoX0J0vV9zr3uyhMltDgdbQmCgzH_mljuT_mblqLuSD2Q4Il7mZjyiSiU_PJ6ztKQy12JcLvY0QHEH3isdeSKj_xdiJPYjwD2jK1XYGdEZcos9ZZ5mS1WSXJlS--AgBDm9YClxDSG72tVZG2ErL-13KE5xtcu-CeZi6ZwfJevHsMiTAuG2wqOyz6eMcQRIrKvlkzSNUMSpmKCNc34hg1UPiqSFi4h8pLUR2xvazS8mbqsegvpkFQQEUj1SMTfrB71fjyEmxALEFrcNVcrfdQqmMlgKPpnhA2Psn9FVcThHGYHy3dWm5e5l9WYoH6HFxI4qBSVeEhk29G_VHCaQbjcB9x9Nc6Q-IrcGZh9zPOkA5j_Qotm0kd8jIjAL4TKJorzZ8qeC1g7pSu2duTM3JCzo6ahLzO66WyqV3RJTb0Ma0kekUYvGya3JabpAKZZmpiMd1KIerb-9_msG9TFtTh4tH5RjvCp2mcGBjra5kC6yOP9DJpkbUnpSIOwO6qn9nztg8y93pJrZHR1R2-WXVNDOsc3j9-9qxIEmqnFB4Sl_DVD7rzTiRrNJ3zwSpbj6V6FKQXkoG58_6wK_kYv6ysIxMg4msknS2pD7F5cPnOHwCDwAz-UYL6iTbIDpeszcqav05eyrzSYnZUV9v8IRadJE-yRGePbJPnT2vLxjPNcD4azt9h7a9-HlwBvvU85reOzW4AlP4lE2FCLHQgsQcOiYbznfK8UwNG2aPTRh5DzDOtgHhubScfSFPS6-s0TG1_49WMNEWxu7LVyXcPwcxTvii1i04n3_nsGM8qqEinzvukxJCGjdbifUB8QiHDElRFJ9tkxGHA6N3esUBqJn6OMFg949DpcR6ZejlZPRm6kg-W3zcfe9NFiwWXUTYXGqW_6-RbA937l1pIE9OorQPxapVjSiE97vlhuK_lPUazzPePsgxO7bV4xudMNMGVn0D5f4yuiX1Gc20kExH3_2BHLT6ToIM968dCBYzyvc0McX0577U_6ZqSd9bWZSZ7nN8DlXy9Jlyioev3pPM7gZIfHBaK_3ZPtFLdB7pk2ZasoCnla-PsJuxmX60eR9_0Mr0YnsvtSOZUEgQ5dM3oawcGSpbdtO9yTqTSzwG6iJ7_O4AoUILEmm0jlEaeceQEF6_Fuwh2VJakMkzGckIEgN-5lP8mZTtbmCwqfHU6AINzI16rnzQyjqMlIQ4ptRtLY9mXZLvFrxfg07x-zFIMidIe3MvBXvvBloUxXQaK5MSxrz1Wbka4tcJE9AETvb2B0-f8ttYEY3x-6ujFamN3G0Q4Dy_9HXIIevbzkvbQbzcMXdO-9l8bF0y9TifEWbYblasuL8vcYAwN4Ggpv-aMjr169z6_r9zHJp_mPr0BplgoA6gQo2vozyEHiEc86W94QlIeY1nGHt35PZ0p0W5qGsyEd16fNY-RVWmd2yU6yaGrcves7KVfvIsn0PV--n5qd4cqXH4xrHvivrymAiDnjaSsr8kISpeDjELXQ7ktZoT0L4cRpwXsm8CDlJho18SkCK2fZZNyc9Av3BmiFk5GjfgeaC7GoALQvFBsh5RmbYIDKnZ9bgOdq_gUlxMihW8casq55xXxDOtD5C3D7-7Mk7Kn9ywB_YYR1IEF-cgMBBjr6btJeSzgeHcOd0sQUF1qJiPmCNDuf2cI197mpaAj_CWIDPBRfgAWQVZeqMV_DwPLR5F_1LqGAeRV_-FnHJuZvWpCBVcc&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.zahav.ru%2F&ds=l&xdt=1&iif=1&cor=2065509241962634800&adk=792902355&idt=121&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:44:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
47479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11591
x-xss-protection
0
server
cafe
etag
12161711247934188981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:44:53 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 647C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 23:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
566675
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Oct 2024 23:31:37 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B84E 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 04:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 04:40:24 GMT
truncated
/ Frame FF4D 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8171ee44f13ec4122781a708bbd64978504f5b9f612fd5a2afd11d5b54479cc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 568E 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546683
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
img
imageproxy.eu.criteo.net/img/ Frame 54AD 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F10%2FAir12.webp&v=3&w=400&rid=4&s=WhHbChw2G1U_AuNTPFJ2QBCg&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4a920ac8a357b492b991802b1d781790c9923a59d37c335f6b2d19cd39d100b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
timing-allow-origin
*
content-length
7456
expires
Wed, 25 Oct 2023 13:09:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame 54AD 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=100829&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F230114%2F9fd0fe3254e7472797e56c18d54d1260_d73c0f9f-38ee-4ec7-86aa-3bfc8c7b7731.png&v=3&w=596&rid=4&s=L0v0T824mxrdV7ZX28vv9tTO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
025136733ef145db18f74f9a8c83921404afc6bb145aa50fbdefcf07da93a538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
2929
expires
Wed, 02 Oct 2024 06:05:37 GMT
all
csm.eu.criteo.net/ Frame 54AD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=XeRUzMzbF5zHnohXU3xdArR0Z9PDMHvUxQZj4GxRmqjH02qdHk_thYuY0JOSrHhs4VANH2e6daH-zyDIRcbAkOvSlEgYGIf6_CnLuNBdkey5OePdJ-mMaSKyP-LzEuv4FYFMem8jGqNpe9HWKeDx7dkbq1n8ot3TJ4hbQAlfgtP2xKnNVTIikyBrhEyo5qMq3RWf4_kavB7moKR5AKidAdEpq_uKB9Q2PLBzz0kySfOqvUGMkrYpzG4Tw9ZdmcMe7qpPIw&sds=2&rev=89023&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 54AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 54AD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 28A5 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1A78 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0cd2a8e733c9adc698800169d980ad7f62e92ca40ae05c6634c0ea03cabace8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
prebidamp.js
ecdn.firstimpression.io/static/js/ Frame C7D2 		305 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/static/js/prebidamp.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-102.fra6.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d75469cc2ac7f959e2c765c2dccc9884c09457cc3f1c9c17457d195593f76744

Request headers

Referer
https://www.zahav.ru/
Origin
https://www.zahav.ru
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:54:24 GMT
Content-Encoding
gzip
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA6-C1
Age
109
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 07 Aug 2023 11:06:29 GMT
Server
Apache/2.4.54 (Debian)
ETag
"4c441-602533cfcb740-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, public
Accept-Ranges
bytes
X-Amz-Cf-Id
gua_jWe_pjzQckLfuFSrNOjM40u6RwKCAXGAilhZcV3-16TGvmVE6w==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C7D2 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42960e94df1b53714d7853c2667b3d553013e46332fbb481edf143efc7eec0d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29114
x-xss-protection
0
server
cafe
etag
696 / 19655 / m202310190101 / config-hash: 8671707731930110642
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:12 GMT
bulk
trc.taboola.com/wallail-zahavru/log/3/ 		0
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-zahavru/log/3/bulk?tvi48=11593&tvi50=11820&route=AM%3AAM%3AV&lti=deflated&bulkSize=8
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
date
Wed, 25 Oct 2023 12:56:12 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7475
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230021-FRA
pragma
no-cache
server
nginx
x-timer
S1698238573.771794,VS0,VE10
content-type
image/gif
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&lsw=1
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
192521
expires
0
/
csync.smilewanted.com/ Frame 6C8B 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ba9e48cb451e30-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 12:56:12 GMT
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7B85 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
821
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
81ba9e491d7190d7-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 12:56:12 GMT
expires
Wed, 25 Oct 2023 16:56:12 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 41BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=atxXvOBJyr7ikVrkHcnlxd&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip24.67-202-105.static.steadfastdns.net
Software
33XP011 /
Resource Hash

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
server
33XP011
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame B1ED 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1698238569291
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 0C89 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Oct 2023 12:56:12 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
pd
pixelgroup-d.openx.net/w/1.0/ Frame A03D 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixelgroup-d.openx.net/w/1.0/pd
Requested by
Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1698192000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 25 Oct 2023 12:56:12 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9FBD 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DCB2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9dcf051262f5b0d6ed8d2a5040014d1d74c2c068a8aca91add3b444c04da8ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
0igvbyc5zwtq
hal9000.redintelligence.net/zone/ Frame 3DA1 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/0igvbyc5zwtq?subid=&gdpr=&gdpr_consent=&rnd=1698238569490564&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEDhpaRA5ZcT4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QhBiwx8TIIU6vS8kxJhgQNhCcvHVbuUUcKP1WGA4rE0fhpRkOxuupC2Qb9NlohpPCAh8ASZj6VIsAcTEjwD7bTb7Pzr1PEGNu-e8cBONpQny5Nho1ScUjn32Po7srgUb_8WzPIWaWh_679-yUI-aJE_gpfjeVOAwCDeKsqwlYxdstYST1PNMXZs82AG2cOlD5ps3-2TXSuq5eb4WSnkEHn4UNJvs6HOBeUNQRZzM4MLkdi8Xs4NVRUuVWDZ1qoKj5WpqVQ0JrG0xJJgWaRPMLSfFl3dUFbKqDGN19eoy9upsu62XOVZadY5TunO0LMhCJH9aQhfBly93StZJCtp3MagG8X_u7HHfANVv19UN5Q2JX5nJwpm182avdwATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhNqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_15q0MLR5sk_VzPyRdmX2kzfhqaLw%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-CtyDAzFdmUh0FQqKJ4w1xVBvgAEXEzN6BfUKQ4vnV5LkztjSlJVTDaoqy7dov-mrQ1WLOSbidU8lW4-P4qqn0J8ZNZ7Cbini5tlnSWhsyRndvJmy8wKbD8kyqEH8Jl0nFjmVv8Z_EAinlqQX8LDOof-obByuyrw9JXyXdOavYmxrvNjE8%26cry%3D1%26dbm_d%3DAKAmf-A7QE_zO6t6FGLrhJO4xbq8R9VcoZ4nwHarsP__l7WRZeUH2UHtpIigFObUKzGJ0srTJtXAXCD93lAO-wKAaEn6ToaP2Dgr1f0XYX8MNdWCIJB8cosXIAmhfyI_hJfvi2TQQ7DlTmes9sEVbUY_zMQ665h8O5Igtr3blvn8xwmgmmtCRA9sjSK3351nGvyvnnNDMVhF-qBskXTwDcJdiUFotlnvbXzlRB4NWz3NKb17flSzORyOAM3FsjxYFmYyOG6dcpOkIoddUh33X7RMLLXvBtetk3hgHsPgr1DlbsD5JovFY4Rj4Prp6oqjFs8MpeQgUSp17GGOxUKTBItzThrjPlYwGTLFzTn4wQY7JiyOyxT8ZLlboOmO6oByhQgX0BF6qDz4Z9qD6_JCpgDibJUKFcTQTkqSh0Pqb-xggLNX5M32JwW3E4rAoaSD1K32S1PxEGqnHJJOxSx5LRxGH7G1DJVa2VRHGUrAyOGJ-upvWkWq6MczK96L6uprwc4882jD2M_5YjomXwt0TeIIMajNngUNUdSHFXq4F8851-8uxiORrIA%26adurl%3D
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
66b3e6048b01da88ac99b542a1d10191695faa35902b57d1fa7e76cd7a10e957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:12 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4219
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
0igvbyc5zwtq
hal9000.redintelligence.net/zone/ Frame 2ED2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/0igvbyc5zwtq?subid=&gdpr=&gdpr_consent=&rnd=1698238569490566&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzAJOaRA5Zcb4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QR7ik3rwNya1ZmRGOBuoqJEaIhpF_apvHqTJ-SLJ8s_zx4DdrZ8sg0W9UMv5nbhvMJ0xhKkXceIsW3NqeccInWOGPIXNV06wh1INGWoUNeNPQ3SoGZlx6RNDTTY6s-WLcRZbw8XtwK1eB5RCky3vv1UwHc_8Rur9EqLXqf2LlwDH8NgcTCh4ySyi8iT4tyTzMg4hXHMTD9fPJdRYOjQwYMRcOBM1LOGr7odELI0kvj6AQtxewaOUpHn2Zlh-subOWsvr60dbtrB7yNr6z-BpC-TrXmL27_N4P6Q73laiVNrs3WNVG9XR3_0M9_DN6Z4g5mfIelf8Uo0Zcx6gaem7fMrpS0SwSF6reRExViFAeyMPr7Bhk_vAwBIKowATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhtqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_3V09Reeh7yHZy-ILHlCIh_b6yCtg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DscKryPkgQvl1U4WmIT0ZMW6PMAhnu_i9ffhXoYgiZfTGw0M6be0o1QIHyV0ZcBk9FQaIF35BrXqWiMbI7w46SAj9qtnDKWBGRoKWR1h07lL7mZLYlOO5_MUT8S4j-pvEFAYEJdxx4PdWQjD1ZXPi_5wnhEzrtW-Q3J1oozusU5mYGLZw%26cry%3D1%26dbm_d%3DAKAmf-Axvb5MFrtjofK0AKqY9Umh5-OTDJaZTjX5iFaNngvpOuC5QQwLFbIwkZVJCsZ-QHMyxWIANIngDJOPkxBW7ReprpfGejAg0ai7CLB6ZnnHTt4EOTYjO3tSgiVk3V-B1oGxwn-8Dgn2oAJxGMZap3BGn-9dlOGwoffbAYFS4N74X8J_nPHehFr6K-IzhNTviF1knLfcWwI2tPvMudLatrjI6f-5rg4cK5fvZEU4AMFETQB04POGhltbK-tsUDOw3yTa-oqyRyFUmizpF0uFlRHw6w0v8rljy0v2TIBdGlGcQ1FwgjJ56ZbM-WGAW8e9sLgiB4M71mzupCih5EPYvTuzevIZmiRj6YEDqUqOfH0YAlV2r5HsXm2VNPINBDqusoKYDGLSpcK9jWUTXVTILJ5wXPSAuon_o58FVE2DZPvvjhlPvE2ttybBt1yQ52OiKxGbz3ReqImTS3otPTPZlrQ85yBz_Pv5odL45PYItjek9dzjU_GrYy_t8PSln9nCZHmWzqfe8UeGHukgN3deyVlKo7LIV4HTYc27_Ud_fcVFefifaps%26adurl%3D
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.252 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.252.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8b0310c5add70491a3bdd79d3c47638a99485919181613a3d8df35eebfa347a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:12 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4216
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D3AF 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46745
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 647C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef918d23e0eeb1e38b4fc70e16aa0df3aa740065c3b289e916f912d7ebe2db22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.zahav.ru
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 25 Oct 2023 12:56:12 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
216026
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame CEA3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b8a426060d1c98f9bb03ccdc3903f1597ee87d374ddae5531a120c2fab37904

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
st
imprammp.taboola.com/ Frame 2F0C 		577 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&cmcv=&pix=undefined&cb=1698238572979&uv=3351&tms=1698238572979&abt=aatest_vB!adxsub-out_vA!adxsub-out_vB!mprdct01val_vB!tbt_all_video!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=3a25842c-3673-4248-ba31-ae81f1769fff&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
35022835febae4fdbb5d479831693c2b10f1e4aa36cd882313b59e06eab6665d

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Wed, 25 Oct 2023 12:56:13 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230021-FRA
x-timer
S1698238573.994132,VS0,VE10
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&cmcv=&pix=31589837&cb=1698238572979&uv=3351&tms=1698238572979&abt=aatest_vB!adxsub-out_vA!adxsub-out_vB!mprdct01val_vB!tbt_all_video!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1698238565987!ts:1698238572979&mntl=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
content-length
0
server
nginx
truncated
/ Frame 5AB8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65af1f9d296b5e95bb38d1f51fc461e7b0aa8691da96a750524e227026579923

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Wed, 25 Oct 2023 12:56:13 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
409
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1698238573.068663,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
13
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
3001
sodar
pagead2.googlesyndication.com/pagead/ Frame 8CD4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310240101&jk=2235481794031604&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame E172 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.zahav.ru
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:12 GMT
server
Kestrel
server-processing-duration-in-ticks
290304
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 26 Oct 2023 12:56:13 GMT
sync
am-match.taboola.com/ Frame 66E3 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.4.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
35022835febae4fdbb5d479831693c2b10f1e4aa36cd882313b59e06eab6665d

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Wed, 25 Oct 2023 12:56:13 GMT
machineid
3402
server
nginx
usync.js
eus.rubiconproject.com/ Frame 0C89 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
41fb2af396010bf8caf24206fae2441d39e692c4da4641d58ce6dcf68fa8de16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 03:44:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53194
Connection
keep-alive
Content-Length
11096
Expires
Thu, 26 Oct 2023 03:42:47 GMT
generic
match.adsrvr.org/track/cmf/ Frame 2F0C 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&cmcv=&pix=undefined&cb=1698238572979&uv=3351&tms=1698238572979&abt=aatest_vB!adxsub-out_vA!adxsub-out_vB!mprdct01val_vB!tbt_all_video!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=3a25842c-3673-4248-ba31-ae81f1769fff&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2F0C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&cmcv=&pix=undefined&cb=1698238572979&uv=3351&tms=1698238572979&abt=aatest_vB!adxsub-out_vA!adxsub-out_vB!mprdct01val_vB!tbt_all_video!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=3a25842c-3673-4248-ba31-ae81f1769fff&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
16409

Redirect headers

date
Wed, 25 Oct 2023 12:56:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
content-length
0
GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6FC0 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:04:12 GMT
x-content-type-options
nosniff
age
528721
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23900
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:04:12 GMT
GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6FC0 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansHead-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:04:13 GMT
x-content-type-options
nosniff
age
528720
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23636
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:04:13 GMT
GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6FC0 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/GenesisSansText-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:04:12 GMT
x-content-type-options
nosniff
age
528721
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38296
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:04:12 GMT
null
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Wed, 25 Oct 2023 12:56:13 GMT
main.19.8.457.js
static.adsafeprotected.com/ Frame 1A78 		209 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.457.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hfnX9HmPmCvl-EumyLTFUU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc0a9a90d0c508f976a1b8016e92ccfd5bce1bd91dc7328e77934f9a3a6efe02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:24:13 GMT
x-amz-version-id
WnDKomQ0pVO6XLIWkpys7vWzQvJNfhwk
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
153121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 23 Oct 2023 16:39:40 GMT
server
AmazonS3
etag
W/"4c9e0adb971857c41758efdfeca58aa6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
2O4E0zO1MLIA75HR3zUHv26xbhHX9CQNxjgEvb11KdppNwQpxm-Nxg==
main.19.8.457.js
static.adsafeprotected.com/ Frame DCB2 		209 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.457.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h2uK16C2JJ19d7CHaxxeX0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc0a9a90d0c508f976a1b8016e92ccfd5bce1bd91dc7328e77934f9a3a6efe02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:24:13 GMT
x-amz-version-id
WnDKomQ0pVO6XLIWkpys7vWzQvJNfhwk
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
153121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 23 Oct 2023 16:39:40 GMT
server
AmazonS3
etag
W/"4c9e0adb971857c41758efdfeca58aa6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
PTouet7lmuqw9YcomzvY7wZjIuxj77hP7c8phw1-bq5FeKH9vmSpkQ==
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame DEE8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodarir&v=44&d=1&s=1&f=0.01&bgai=BL-FwaxA5Zc7JN7SejuwP3aKL0AoAAAAAOAHgBAI
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame BEAA 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.19.8.457.js
static.adsafeprotected.com/ Frame 647C 		209 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.457.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bidurl=https://www.zahav.ru/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jAxTAS5okosqaL2ylWyoB2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc0a9a90d0c508f976a1b8016e92ccfd5bce1bd91dc7328e77934f9a3a6efe02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 18:24:13 GMT
x-amz-version-id
WnDKomQ0pVO6XLIWkpys7vWzQvJNfhwk
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
153121
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 23 Oct 2023 16:39:40 GMT
server
AmazonS3
etag
W/"4c9e0adb971857c41758efdfeca58aa6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
96MHauKdyydx_89EiVfT98IvYbnyEiJNnn_Q9WPeB55luMprzSFbyw==
sodar
pagead2.googlesyndication.com/pagead/ Frame 28A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180101&jk=1213991514968399&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame CEA3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTeKDahA5ZejeD4_x3gP75ZjYCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMzYyMjE1NjQwNTMxMzA2M8gBCakCRlCr3E7EsT7gAgCoAwHIAwKqBMQCT9BLpPFSuNNjSDG8c4DEkmiOzFLhWBnPx3ntWRPb4nazNG1ANbwwW_WVY71duBUHgl5OB_XxjYJkWgT3t-MeigBJcKST6Fb0YA8PD63nJerUA8O02araY2Q_KOpgfPZpp9VeO3KWG_JuqTI5HCmrL98EyuTqK6zAA0ZA4OjFqXOYmj5wCidZjc37xEWrSgSptuSGb3eRMRQLPc-iHbjarkrQ1jnNvd82i9UxIHo8MsTA08QKZuw5OSwIi5HjfY6dhFcnqk_o64a5JCfBYKSPhgx9T7gXSEbzEOLjmxoXXuMIle28SwmyTHPGtMV4VbLX4w4pKj0xNZuOYT7isE9etjOv6ACn-9lPAvRNJjAydBt1iLZdPayKQCf9QKpFRuazfMUyTOCtxBRj7rkR6I1CJxtVycZZFh22s3ALXk_FNZXeCpfd4AQBgAbk7pvawe3FkSygBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgHAQATIC6wI6AoBASL39wTryCBthZHgtc3Vic3luLTM5OTU4OTA5MDA5NDAzNzeACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMzYyMjE1NjQwNTMxMzA2MxjW1RE&sigh=r68hczvYYC8&uach_m=[UACH]&cid=CAQSPADICaaNUXJt-IOrf3coFNkcxoQspt0DrBRL9cUeuzsZKBkzBakHVPm2oPCj9TtLcVge9q87TlEvhdLwcBgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame CEA3 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=k4qLFZWYY6AB2ASdg2ICAgAAAIa3FT_jkk6PttfnSAk5jtsQaRA5Zelq-OUsl45KefwAABIAAAoKQVFVQkFRRVBBUQ&wp=ZTkQagAD72gKd7iPAAYy-ws2BrtF4rA-z-NWYg&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
158609
server
Kestrel
content-length
0
request.php
hal90004.redintelligence.net/ Frame 2ED2
Redirect Chain
  • https://hal90004.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90004.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzAJOaRA5Zcb4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QR7ik3rwNya1ZmRGOBuoqJEaIhpF_apvHqTJ-SLJ8s_zx4DdrZ8sg0W9UMv5nbhvMJ0xhKkXceIsW3NqeccInWOGPIXNV06wh1INGWoUNeNPQ3SoGZlx6RNDTTY6s-WLcRZbw8XtwK1eB5RCky3vv1UwHc_8Rur9EqLXqf2LlwDH8NgcTCh4ySyi8iT4tyTzMg4hXHMTD9fPJdRYOjQwYMRcOBM1LOGr7odELI0kvj6AQtxewaOUpHn2Zlh-subOWsvr60dbtrB7yNr6z-BpC-TrXmL27_N4P6Q73laiVNrs3WNVG9XR3_0M9_DN6Z4g5mfIelf8Uo0Zcx6gaem7fMrpS0SwSF6reRExViFAeyMPr7Bhk_vAwBIKowATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhtqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_3V09Reeh7yHZy-ILHlCIh_b6yCtg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DscKryPkgQvl1U4WmIT0ZMW6PMAhnu_i9ffhXoYgiZfTGw0M6be0o1QIHyV0ZcBk9FQaIF35BrXqWiMbI7w46SAj9qtnDKWBGRoKWR1h07lL7mZLYlOO5_MUT8S4j-pvEFAYEJdxx4PdWQjD1ZXPi_5wnhEzrtW-Q3J1oozusU5mYGLZw%26cry%3D1%26dbm_d%3DAKAmf-Axvb5MFrtjofK0AKqY9Umh5-OTDJaZTjX5iFaNngvpOuC5QQwLFbIwkZVJCsZ-QHMyxWIANIngDJOPkxBW7ReprpfGejAg0ai7CLB6ZnnHTt4EOTYjO3tSgiVk3V-B1oGxwn-8Dgn2oAJxGMZap3BGn-9dlOGwoffbAYFS4N74X8J_nPHehFr6K-IzhNTviF1knLfcWwI2tPvMudLatrjI6f-5rg4cK5fvZEU4AMFETQB04POGhltbK-tsUDOw3yTa-oqyRyFUmizpF0uFlRHw6w0v8rljy0v2TIBdGlGcQ1FwgjJ56ZbM-WGAW8e9sLgiB4M71mzupCih5EPYvTuzevIZmiRj6YEDqUqOfH0YAlV2r5HsXm2VNPINBDqusoKYDGLSpcK9jWUTXVTILJ5wXPSAuon_o58FVE2DZPvvjhlPvE2ttybBt1yQ52OiKxGbz3ReqImTS3otPTPZlrQ85yBz_Pv5odL45PYItjek9dzjU_GrYy_t8PSln9nCZHmWzqfe8UeGHukgN3deyVlKo7LIV4HTYc27_Ud_fcVFefifaps%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=6501861472279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e43320aaa3bada157e822806b18d8fe04a405689a100b7dccbdd4e460013625a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
53791500078843104445308012488004
Connection
close
Content-Length
744
Expires
Wed, 25 Oct 2023 13:56:13 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:13 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzAJOaRA5Zcb4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QR7ik3rwNya1ZmRGOBuoqJEaIhpF_apvHqTJ-SLJ8s_zx4DdrZ8sg0W9UMv5nbhvMJ0xhKkXceIsW3NqeccInWOGPIXNV06wh1INGWoUNeNPQ3SoGZlx6RNDTTY6s-WLcRZbw8XtwK1eB5RCky3vv1UwHc_8Rur9EqLXqf2LlwDH8NgcTCh4ySyi8iT4tyTzMg4hXHMTD9fPJdRYOjQwYMRcOBM1LOGr7odELI0kvj6AQtxewaOUpHn2Zlh-subOWsvr60dbtrB7yNr6z-BpC-TrXmL27_N4P6Q73laiVNrs3WNVG9XR3_0M9_DN6Z4g5mfIelf8Uo0Zcx6gaem7fMrpS0SwSF6reRExViFAeyMPr7Bhk_vAwBIKowATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhtqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_3V09Reeh7yHZy-ILHlCIh_b6yCtg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DscKryPkgQvl1U4WmIT0ZMW6PMAhnu_i9ffhXoYgiZfTGw0M6be0o1QIHyV0ZcBk9FQaIF35BrXqWiMbI7w46SAj9qtnDKWBGRoKWR1h07lL7mZLYlOO5_MUT8S4j-pvEFAYEJdxx4PdWQjD1ZXPi_5wnhEzrtW-Q3J1oozusU5mYGLZw%26cry%3D1%26dbm_d%3DAKAmf-Axvb5MFrtjofK0AKqY9Umh5-OTDJaZTjX5iFaNngvpOuC5QQwLFbIwkZVJCsZ-QHMyxWIANIngDJOPkxBW7ReprpfGejAg0ai7CLB6ZnnHTt4EOTYjO3tSgiVk3V-B1oGxwn-8Dgn2oAJxGMZap3BGn-9dlOGwoffbAYFS4N74X8J_nPHehFr6K-IzhNTviF1knLfcWwI2tPvMudLatrjI6f-5rg4cK5fvZEU4AMFETQB04POGhltbK-tsUDOw3yTa-oqyRyFUmizpF0uFlRHw6w0v8rljy0v2TIBdGlGcQ1FwgjJ56ZbM-WGAW8e9sLgiB4M71mzupCih5EPYvTuzevIZmiRj6YEDqUqOfH0YAlV2r5HsXm2VNPINBDqusoKYDGLSpcK9jWUTXVTILJ5wXPSAuon_o58FVE2DZPvvjhlPvE2ttybBt1yQ52OiKxGbz3ReqImTS3otPTPZlrQ85yBz_Pv5odL45PYItjek9dzjU_GrYy_t8PSln9nCZHmWzqfe8UeGHukgN3deyVlKo7LIV4HTYc27_Ud_fcVFefifaps%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=6501861472279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 25 Oct 2023 13:56:13 +0200
request.php
hal900017.redintelligence.net/ Frame 3DA1
Redirect Chain
  • https://hal900017.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900017.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEDhpaRA5ZcT4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QhBiwx8TIIU6vS8kxJhgQNhCcvHVbuUUcKP1WGA4rE0fhpRkOxuupC2Qb9NlohpPCAh8ASZj6VIsAcTEjwD7bTb7Pzr1PEGNu-e8cBONpQny5Nho1ScUjn32Po7srgUb_8WzPIWaWh_679-yUI-aJE_gpfjeVOAwCDeKsqwlYxdstYST1PNMXZs82AG2cOlD5ps3-2TXSuq5eb4WSnkEHn4UNJvs6HOBeUNQRZzM4MLkdi8Xs4NVRUuVWDZ1qoKj5WpqVQ0JrG0xJJgWaRPMLSfFl3dUFbKqDGN19eoy9upsu62XOVZadY5TunO0LMhCJH9aQhfBly93StZJCtp3MagG8X_u7HHfANVv19UN5Q2JX5nJwpm182avdwATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhNqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_15q0MLR5sk_VzPyRdmX2kzfhqaLw%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-CtyDAzFdmUh0FQqKJ4w1xVBvgAEXEzN6BfUKQ4vnV5LkztjSlJVTDaoqy7dov-mrQ1WLOSbidU8lW4-P4qqn0J8ZNZ7Cbini5tlnSWhsyRndvJmy8wKbD8kyqEH8Jl0nFjmVv8Z_EAinlqQX8LDOof-obByuyrw9JXyXdOavYmxrvNjE8%26cry%3D1%26dbm_d%3DAKAmf-A7QE_zO6t6FGLrhJO4xbq8R9VcoZ4nwHarsP__l7WRZeUH2UHtpIigFObUKzGJ0srTJtXAXCD93lAO-wKAaEn6ToaP2Dgr1f0XYX8MNdWCIJB8cosXIAmhfyI_hJfvi2TQQ7DlTmes9sEVbUY_zMQ665h8O5Igtr3blvn8xwmgmmtCRA9sjSK3351nGvyvnnNDMVhF-qBskXTwDcJdiUFotlnvbXzlRB4NWz3NKb17flSzORyOAM3FsjxYFmYyOG6dcpOkIoddUh33X7RMLLXvBtetk3hgHsPgr1DlbsD5JovFY4Rj4Prp6oqjFs8MpeQgUSp17GGOxUKTBItzThrjPlYwGTLFzTn4wQY7JiyOyxT8ZLlboOmO6oByhQgX0BF6qDz4Z9qD6_JCpgDibJUKFcTQTkqSh0Pqb-xggLNX5M32JwW3E4rAoaSD1K32S1PxEGqnHJJOxSx5LRxGH7G1DJVa2VRHGUrAyOGJ-upvWkWq6MczK96L6uprwc4882jD2M_5YjomXwt0TeIIMajNngUNUdSHFXq4F8851-8uxiORrIA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=2187212550797&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
7cdc3ea7df7d43a400e4a960f42b5b5a1eec72954f913178152cba160edc6f70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
31984700078412504445308012488017
Connection
close
Content-Length
744
Expires
Wed, 25 Oct 2023 13:56:13 +0200

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:13 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEDhpaRA5ZcT4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QhBiwx8TIIU6vS8kxJhgQNhCcvHVbuUUcKP1WGA4rE0fhpRkOxuupC2Qb9NlohpPCAh8ASZj6VIsAcTEjwD7bTb7Pzr1PEGNu-e8cBONpQny5Nho1ScUjn32Po7srgUb_8WzPIWaWh_679-yUI-aJE_gpfjeVOAwCDeKsqwlYxdstYST1PNMXZs82AG2cOlD5ps3-2TXSuq5eb4WSnkEHn4UNJvs6HOBeUNQRZzM4MLkdi8Xs4NVRUuVWDZ1qoKj5WpqVQ0JrG0xJJgWaRPMLSfFl3dUFbKqDGN19eoy9upsu62XOVZadY5TunO0LMhCJH9aQhfBly93StZJCtp3MagG8X_u7HHfANVv19UN5Q2JX5nJwpm182avdwATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhNqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_15q0MLR5sk_VzPyRdmX2kzfhqaLw%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-CtyDAzFdmUh0FQqKJ4w1xVBvgAEXEzN6BfUKQ4vnV5LkztjSlJVTDaoqy7dov-mrQ1WLOSbidU8lW4-P4qqn0J8ZNZ7Cbini5tlnSWhsyRndvJmy8wKbD8kyqEH8Jl0nFjmVv8Z_EAinlqQX8LDOof-obByuyrw9JXyXdOavYmxrvNjE8%26cry%3D1%26dbm_d%3DAKAmf-A7QE_zO6t6FGLrhJO4xbq8R9VcoZ4nwHarsP__l7WRZeUH2UHtpIigFObUKzGJ0srTJtXAXCD93lAO-wKAaEn6ToaP2Dgr1f0XYX8MNdWCIJB8cosXIAmhfyI_hJfvi2TQQ7DlTmes9sEVbUY_zMQ665h8O5Igtr3blvn8xwmgmmtCRA9sjSK3351nGvyvnnNDMVhF-qBskXTwDcJdiUFotlnvbXzlRB4NWz3NKb17flSzORyOAM3FsjxYFmYyOG6dcpOkIoddUh33X7RMLLXvBtetk3hgHsPgr1DlbsD5JovFY4Rj4Prp6oqjFs8MpeQgUSp17GGOxUKTBItzThrjPlYwGTLFzTn4wQY7JiyOyxT8ZLlboOmO6oByhQgX0BF6qDz4Z9qD6_JCpgDibJUKFcTQTkqSh0Pqb-xggLNX5M32JwW3E4rAoaSD1K32S1PxEGqnHJJOxSx5LRxGH7G1DJVa2VRHGUrAyOGJ-upvWkWq6MczK96L6uprwc4882jD2M_5YjomXwt0TeIIMajNngUNUdSHFXq4F8851-8uxiORrIA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=2187212550797&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 25 Oct 2023 13:56:13 +0200
GenesisSansHead-Light.woff2
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B84E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1484961235833605488/GenesisSansHead-Light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:03:28 GMT
x-content-type-options
nosniff
age
528765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23900
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:03:28 GMT
GenesisSansHead-Regular.woff2
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B84E 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1484961235833605488/GenesisSansHead-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:03:28 GMT
x-content-type-options
nosniff
age
528765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23636
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:03:28 GMT
GenesisSansText-Regular.woff2
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B84E 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1484961235833605488/GenesisSansText-Regular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:03:28 GMT
x-content-type-options
nosniff
age
528765
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38296
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:03:28 GMT
google
match.adsrvr.org/track/cmf/ Frame 28A5 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEO0DIz5MoyHjQgOjblU-n78&google_cver=1&google_push=AXcoOmQV3G6wKzA_NE68RY4awDgwxrzK9o7kx84y1sv8bk41M1h5YjytZENYrQafuEbtCA3RPbaD0-ZUbFyJ07LW8whlB1oza86qkQ
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 28A5
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP9EFri1pFYbLZnB4DVwKCQ&google_cver=1&google_push=AXcoOmS5ZhzVaqZRuuo8jH5UFEkfDgC83kup5TAlQQl-mBGfJ6H2Bkm_C3JdA4jbLRMeirGzPKc9C8zbqLDGzU...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5ZhzVaqZRuuo8jH5UFEkfDgC83kup5TAlQQl-mBGfJ6H2Bkm_C3JdA4jbLRMeirGzPKc9C8zbqLDGzU0uVw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5ZhzVaqZRuuo8jH5UFEkfDgC83kup5TAlQQl-mBGfJ6H2Bkm_C3JdA4jbLRMeirGzPKc9C8zbqLDGzU0uVwEPoe15x4qKlg
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5ZhzVaqZRuuo8jH5UFEkfDgC83kup5TAlQQl-mBGfJ6H2Bkm_C3JdA4jbLRMeirGzPKc9C8zbqLDGzU0uVwEPoe15x4qKlg
Date
Wed, 25 Oct 2023 12:56:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 28A5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmTz-c...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmTz-cggIiKls4GWX_lsAgHIfbyWbuNVSdn9mJJqRtyMB1oJ55T2iKyappa4-cCvkOGrr6QV8yvckpAP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmTz-cggIiKls4GWX_lsAgHIfbyWbuNVSdn9mJJqRtyMB1oJ55T2iKyappa4-cCvkOGrr6QV8yvckpAPcjLJjHV3fanlePl7Kg
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmTz-cggIiKls4GWX_lsAgHIfbyWbuNVSdn9mJJqRtyMB1oJ55T2iKyappa4-cCvkOGrr6QV8yvckpAPcjLJjHV3fanlePl7Kg
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3497823
content-length
0
expires
Wed, 25 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28A5
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIswlUAJq5WqJ6cXtf2tOIYm1UtDXMn0pinF7LQ4SGvD4YTaF3UuriH5zfUouDT4ji1D2xqxu5pbvr9OLIjjdPZ2AQS1x7WA
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQIswlUAJq5WqJ6cXtf2tOIYm1UtDXMn0pinF7LQ4SGvD4YTaF3UuriH5zfUouDT4ji1D2xqxu5pbvr9OLIjjdPZ2AQS1x7WA
date
Wed, 25 Oct 2023 12:56:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 28A5
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENFGDGMtRqSRVES5a-jKjcQ&google_cver=1&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESENFGDGMtRqSRVES5a-jKjcQ&google_cver=1&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9QKrBoioMS2GcA&google_hm=Hi4oKGZHKkXUqJYJQ7u4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9QKrBoioMS2GcA&google_hm=Hi4oKGZHKkXUqJYJQ7u4hVs0
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 25 Oct 2023 12:56:14 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTsiiQk0rMJKHv6gZxJATrENuOHL2OjZ1aL2AqG1QoEcHfrRkForyNvgdLsEbnYROrBPP9jo33csqLQnled9QKrBoioMS2GcA&google_hm=Hi4oKGZHKkXUqJYJQ7u4hVs0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sea1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 28A5
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmTRfr2lgDUML...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmTRfr2lgDUMLWQWPX1gBfuE6WK4c22FsbYi0w...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmTRfr2lgDUMLWQWPX1gBfuE6WK4c22FsbYi0w7OZLnpVexdGkenE_PCzcIXE25dubZRHgY0x8eBp2QKU6iV4ogf1B5nh6Iyj_M
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
an-x-request-uuid
65568182-a985-430b-8717-d967653119ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmTRfr2lgDUMLWQWPX1gBfuE6WK4c22FsbYi0w7OZLnpVexdGkenE_PCzcIXE25dubZRHgY0x8eBp2QKU6iV4ogf1B5nh6Iyj_M
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28A5
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT_n9y2Xr-1XHvF_6ouOSck90XCtYmFxAcSNKbCg91t2hGEXxdWJbBQesRrvSb1td4Gxc2As1K3VrzUHVKT0ysonNiR_EV8HdY&gdpr=${GDPR}
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmT_n9y2Xr-1XHvF_6ouOSck90XCtYmFxAcSNKbCg91t2hGEXxdWJbBQesRrvSb1td4Gxc2As1K3VrzUHVKT0ysonNiR_EV8HdY&gdpr=${GDPR}
date
Wed, 25 Oct 2023 12:56:13 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 28A5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8jfHt1iPzL-ru2IpSxa66xJUQAqYp2GF0CoaLGnZepspkpHDbdBP5dSLw7ngCRAM-org8Ud4
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 1149 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNm9S5BpoKqlPsNA_v1a7Cy1Gh0CZCQ8IzGOMvJEWs1CcsoEhz6chW79DLdxEusrYMpCLWCUpYQRRMnC6DujDxQIS9JQuBGvgQPw1w3JRiJOBmEM5E2M9XxVxHgWFsyBVX1kTN8MgU5H8xiaj17q27tyDuvcX4p0kbKTH6OYf7-W6Zjz_pSCPKG4FeDOP5OVrGb1Fps7aTn2JxUZuVd9l81zyuJ2Jqia5kOTvtts810t4l0K2a2c7kWjWnc6nbRjSLwoR4_Gdl2N9d5qXL3WaJN5blrxRqaL4luh0_p6dwJr9oIqcHjVlMZb5EvLz5uqY0gg_q5qEPDDEtmZwt2g5AFtu60zhJBmVlIEgVxb0S6xecB49ulW-ihYkzzi5H9lM7_44SsAlfVMpBdbX5hyD2c0K3CiWiUVNiGCv7IaKZOr8FcYT2E1kaSH1z6LWNK7zmpt3d6MbgAL3z4eKZ8s49lvJgl-jCdSnnJzoVln_yvSw5BGqBcFjiwwzCgP6i2Em855u75FbP9oasPGvCtBB9KWp8eFsV0c2xytZKq2Za6TMO8fgsfw34zlIqYTeiTu1A1Xft_9LS_-8uUkMwKRi3BXSo_5vbECDnW_dHPJRo8y2sKUmz2HGLQE7iK416IyGHKEhdyAW0TZbAoJ-V4TUT_57xMhsuxv4LKBEcWzOlA8bt-d0EkxMRHUX9ZTQISI5Fd_DAvRE_QUtZ14Qk14Gp_bouQZ17rNXzKrc6aALvFHzVNXPMtpF2VFU-Vt1IvyLPgr-D8tQB1JuxutwT4V4iLjHDl7g5EKr3C5dNTRwWejM9KlT1LBCtxNdOhbKRh2nDHdJXfBlATS1MDhmIOJJ_rPzUn3kKJ1ckTcSyHuV4UDWVTkGhLEiCU4U8xxyuzHlRWK0TFOzFKRXy-LvQH1mBzee11qlnuTvY-DHF55PJn-NHjurGt3rtKjV-r_DDpqkaq5CWXGseYvjRtVnXrt30CHywW1sKmI7RxbthVLsu2xEF3FIhQf_0Fi3PbnlmryqrSzXYbGFiXvN3pbgW05cjRw1R-fH7kBabBYO4LrlhDhKBWc03OjCto1xa5_GZ60FQWaN6k1lYcuqlMu55CM_lGv80X27_c00rGA6G6zS77hZxUDwkrQ_thOY5IGo4f7JHQkLzuRDy_7bAV3pSAI91ZNbdjm0iPfG1jAvrej6flgTinqr27mlsktdFLMoZaEs7qbpfd8eYINxckdFrVJM_7FPJCZZC8HoWGHqB-fWFlwktcUZkU8QYyFutrD3w9LCL0EgN4lGxhtARVxK0OYxXpt9CpfvKfTh_fvdsE9JebxdP9Epog5s_hxoVjKd4m6Vzz_xJKX8XFVYWYBjpcdqS8vB-BOdn2IUxxzvxgcuuItYZBuvZJ-92a8YtySAp3usInhgH_8Ef_NgBDPx6-SpIMA9U1b16z297xVUgcMVBqsehwhXsnDKNjpxEo0tDOEkjL706Ej1MWIPOjaZP51PW5AP476g2P7z6dZ4dpN2p&sai=AMfl-YSvIKqVB7icMC58zQ1sM7Xq3C5ZpSYkDu5BzoUcgKF4on6nR8iZAuaBKo5RSDWmoEUSO-Rz_gsCXCtZfwfiy8FF-6rYeYQzqNznYlkkKUfxUgYAqIZ9zpuqvy4LR0ojMX9U2acy7Cbdi9V3Z5TvH8MF_cFFqZVKs79I0RnKqVBb2Xuiz02osYtes7s4Dkju6nFwarqmvtxImnRp3wjiSa5-SZSqYSUZNstwCk4xCc5xbIm7ErrgDmEmsPQ12KQ5buWan8KHdqJTuqfHdt02lJx7Z7tdG_vKrP2f5LaRf2APUZxpDnn62x3wvNK1ZC41bpThpEpJKKYXWQissMCBbTq6jYAdMxYSlOy-m9GXFG8dEvrfaIdejxscAE5q_-Kx02AUGct_zMy212GLvZDuR76CI7fEp3LFZ8pucJ9paKaT-0jLx5_zvA&sig=Cg0ArKJSzIsNW9oKEnXWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2263&vt=11&dtpt=1309&dett=3&cstd=949&cisv=r20231023.76984&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame 66E3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 66E3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15845

Redirect headers

date
Wed, 25 Oct 2023 12:56:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-l7htFkxE2oRS26KBJ50_J8a8lK6Sa2WfFk5lxA--~A
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame 82EC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33a69fccc71aa20fd0456fe1a723f0b5b6d0ded27d125e573f61a12df72c807b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
81ba9e4bdeff6987-FRA
content-encoding
br
content-type
text/html
date
Wed, 25 Oct 2023 12:56:13 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1gEs7vDWniZY%2Bfs7KJb59TeDt7DDBUNPnhr7JcwbXMr3xk1J94ne9FX1n7FgBoOL2UDFUz%2FouiQPoXA6hRp%2FE4bXeOp3Zu%2Buk%2B0y9w2AOgsolS799sDgJ%2BWTMljDTVUMZslhHphoUvNJA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F73E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&cmcv=&pix=undefined&cb=1698238572979&uv=3351&tms=1698238572979&abt=aatest_vB!adxsub-out_vA!adxsub-out_vB!mprdct01val_vB!tbt_all_video!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=3a25842c-3673-4248-ba31-ae81f1769fff&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Oct 2023 12:56:13 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
adview
securepubads.g.doubleclick.net/pagead/ Frame 5AB8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtsPCahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTHAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb-i6Y4qSy6yGYd-vPMw8KTk3HjjnOnn0zQQjMRLVleeJjp7T7WFPuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N4AKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zNjIyMTU2NDA1MzEzMDYzGNbVEQ&sigh=T7o5Fd3RfMI&uach_m=[UACH]&cid=CAQSPADICaaNXNGdjTvbNKc_kZJ59kCOrpoyPhjJBd6VtFBd88MV2zYp6e8s-tyMvWzMgbyQxuwYcx57DeDmChgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 5AB8 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k4DXFZWYY6wC-gGdg2ICAgAAAIa3FT_jkk6PttfnSAk5jtsQaRA5ZYcDH8SSTPjmRUwAABIAAAoKQVFVQkR3RUJEdw&wp=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
155029
server
Kestrel
content-length
0
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame 325E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame AA88 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
generate_204
tpc.googlesyndication.com/ Frame 5190 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?k6mPYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame C3D1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 12:01:43 GMT
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame 568E 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9FBD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1&google_push=AXcoOmSPegvWS9nUErqV7SVfGE04xQLeTYUYmb0U6zsgTdVEALRk4YuM6tMYuIfMfgF3qKkJWAsgcw007BRg5xcOksClBFxzyzBvLg
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTE0ODc3MjQ5MDQzNzE1NzE2Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFPtgJrv9_aRd4XDM7D2cuY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FBD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP9EFri1pFYbLZnB4DVwKCQ&google_cver=1&google_push=AXcoOmSK1VuSnKQVwz5WXQpALynCensMI-sWor_mT6CrsLI25Y5_HPCJFMOphkkc8cSZWr85ajYdO1Y6h3xU97...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmSK1VuSnKQVwz5WXQpALynCensMI-sWor_mT6CrsLI25Y5_HPCJFMOphkkc8cSZWr85ajYdO1Y6h3xU97GdYX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmSK1VuSnKQVwz5WXQpALynCensMI-sWor_mT6CrsLI25Y5_HPCJFMOphkkc8cSZWr85ajYdO1Y6h3xU97GdYXBZHFK_yzjs
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmSK1VuSnKQVwz5WXQpALynCensMI-sWor_mT6CrsLI25Y5_HPCJFMOphkkc8cSZWr85ajYdO1Y6h3xU97GdYXBZHFK_yzjs
Date
Wed, 25 Oct 2023 12:56:13 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 9FBD
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS-NE...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmS-NEfs-mpMCKwzhlWZPlkh_gQWEFT9UXZgt39FvyTfc7tlEHlGaIsodpjvDWqQ2F5iScGwOXMnkXZU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmS-NEfs-mpMCKwzhlWZPlkh_gQWEFT9UXZgt39FvyTfc7tlEHlGaIsodpjvDWqQ2F5iScGwOXMnkXZUsUy7Uarm_rNC0_IBSw
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmS-NEfs-mpMCKwzhlWZPlkh_gQWEFT9UXZgt39FvyTfc7tlEHlGaIsodpjvDWqQ2F5iScGwOXMnkXZUsUy7Uarm_rNC0_IBSw
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
723047
content-length
0
expires
Wed, 25 Oct 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FBD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEsrr4kYNLNhlhJcAG82Blc&google_cver=1&google_push=AXcoOmR-TQ3YPkmP-0aM2ES1HeunD24hImlfHidJKEg-y1RUfqxCd8cc-f3U218YHnPUszg7NNvfP-hS...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmR-TQ3YPkmP-0aM2ES1HeunD24hImlfHidJKEg-y1RUfqxCd8cc-f3U218YHnPUszg7NNvfP-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmR-TQ3YPkmP-0aM2ES1HeunD24hImlfHidJKEg-y1RUfqxCd8cc-f3U218YHnPUszg7NNvfP-hSQ-clCIbxbgEPV2Cc09L5aA
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2OTM2ODAzOTI0OTQyODQwMQ&google_push=AXcoOmR-TQ3YPkmP-0aM2ES1HeunD24hImlfHidJKEg-y1RUfqxCd8cc-f3U218YHnPUszg7NNvfP-hSQ-clCIbxbgEPV2Cc09L5aA
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
-
s.ad.smaato.net/c/n/// Frame 9FBD 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM2aw8oWEf2si14xNazizXk&google_cver=1&google_push=AXcoOmRP505J4iz4NcWvvZnlq_IisbWdM4-XY-GlqoICpUPS7CHQzIGKjNeRPI6veJewDigaOxUGMHzrCh1R0959O3RrkIAJ_yYSPA
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
cache-control
no-cache, must-revalidate
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
MzgfbDIfl2LHGLk2UiQe5EcAldNolDTCzzMzSprFE1rp5gP-UVZAug==
x-cache
Miss from cloudfront
pixel
cm.g.doubleclick.net/ Frame 9FBD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGNgEqrkB64bbf9_bzxSyF8&google_cver=1&google_push=AXcoOmQ-BU30jfMzBLnP2HvatYjq8SdiQgDMLB6kAAHr5fJzRWkCOSBihltv-zD8PPdj8RqsOWCtTN6Vz0k-923rqKXWPhnECb...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmQ-BU30jfMzBLnP2HvatYjq8SdiQgDMLB6kAAHr5fJzRWkCOSBi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmQ-BU30jfMzBLnP2HvatYjq8SdiQgDMLB6kAAHr5fJzRWkCOSBihltv-zD8PPdj8RqsOWCtTN6Vz0k-923rqKXWPhnECbuatQ
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Mjg5MTA1NzUzMDM2MzM2OTQ4ODQ2OQ%3D%3D&google_push=AXcoOmQ-BU30jfMzBLnP2HvatYjq8SdiQgDMLB6kAAHr5fJzRWkCOSBihltv-zD8PPdj8RqsOWCtTN6Vz0k-923rqKXWPhnECbuatQ
date
Wed, 25 Oct 2023 12:56:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 9FBD
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTG6skmJ94ifZbbI1nLKjElU4yB-oylJpD24F-vQzgzS-vp6GxIrhv5Z5nIK6_gyFqAr8CYx8Ic7Fuj2ZIFBPMmA9ZluTJ1XJ8&gdpr=${GDPR}
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=b85203c8-60e2-4483-b487-366ad8804e34&google_cver=1&google_gid=CAESELniLO0Y9UPQqsT6RTp26fk&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmTG6skmJ94ifZbbI1nLKjElU4yB-oylJpD24F-vQzgzS-vp6GxIrhv5Z5nIK6_gyFqAr8CYx8Ic7Fuj2ZIFBPMmA9ZluTJ1XJ8&gdpr=${GDPR}
date
Wed, 25 Oct 2023 12:56:13 GMT
server
_
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 9FBD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKZ0I4vW6btkW8kTdqYX4oJvF_ZHW-ERWYJvjkrwAowf1PIh68auUZvt5SrhRlLxnS_6PgWg
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Wed, 25 Oct 2023 12:56:13 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
10124
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1698238573.472351,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
17
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8002
i.match
s.tribalfusion.com/z/ Frame D3AF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fj...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81ba9e4daf948fd0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
294
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTQBpYS_TGDqCap_frLvBk1cqkcJxQ9wmaPXovI2UmwzYq4T57oKKz8c5dX7Ibg2URJ5EnmDYST6hry8_cq7IoyBcaN2fjF%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81ba9e4c7e6a8fd0-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D3AF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRrUWJBQWFacnpEbWdBTg==&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_cver=1&google_push=AXcoOmSTnPx0-QTeQseQTWb2QZt5ShuNYi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRrUWJBQWFacnpEbWdBTg==&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_cver=1&google_push=AXcoOmSTnPx0-QTeQseQTWb2QZt5ShuNYiL9EBCY20xlJw_f1LAFTaiDZ7b8GNw9GsVssNN4-M1yZb0aDN3flyTvljL0zpqmgq8
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-eddf8230066-FRA
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1698238573.475674,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WlRrUWJBQWFacnpEbWdBTg==&google_gid=CAESECBk-neP17tF11F4-0dIC-M&google_cver=1&google_push=AXcoOmSTnPx0-QTeQseQTWb2QZt5ShuNYiL9EBCY20xlJw_f1LAFTaiDZ7b8GNw9GsVssNN4-M1yZb0aDN3flyTvljL0zpqmgq8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D3AF
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEDmlKdnskZcRuG8ov6GH8dg&google_cver=1&google_push=AXcoOmTrp4VNKUKVKje6-syQ2oD7cA4HmCpMGAyvehviT8S75S7KZmEYu6J6y69-0mwZb47x-4phPzeDekl...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTrp4VNKUKVKje6-syQ2oD7cA4HmCpMGAyvehviT8S75S7KZmEYu6J6y69-0mwZb47x-4phPzeDekl31yA3S8sPtnJlTvfj&google_hm=tWjz78hlTBC0agvHwOJaOoQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTrp4VNKUKVKje6-syQ2oD7cA4HmCpMGAyvehviT8S75S7KZmEYu6J6y69-0mwZb47x-4phPzeDekl31yA3S8sPtnJlTvfj&google_hm=tWjz78hlTBC0agvHwOJaOoQ
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmTrp4VNKUKVKje6-syQ2oD7cA4HmCpMGAyvehviT8S75S7KZmEYu6J6y69-0mwZb47x-4phPzeDekl31yA3S8sPtnJlTvfj&google_hm=tWjz78hlTBC0agvHwOJaOoQ
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D3AF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRSv3...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmRSv3ybgDDrx_T2jGo2GNlLHFMSlkNebfZoLSgD1XcOtgx06Ocb1nz7oy7ebGlFRjWh7dH6E4nv2Y3_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmRSv3ybgDDrx_T2jGo2GNlLHFMSlkNebfZoLSgD1XcOtgx06Ocb1nz7oy7ebGlFRjWh7dH6E4nv2Y3_vD1wEAnZWtv3_Ubh
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmRSv3ybgDDrx_T2jGo2GNlLHFMSlkNebfZoLSgD1XcOtgx06Ocb1nz7oy7ebGlFRjWh7dH6E4nv2Y3_vD1wEAnZWtv3_Ubh
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
952859
content-length
0
expires
Wed, 25 Oct 2023 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame D3AF 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECHt0FIahAhn2OcdcrEqVn4&google_cver=1&google_push=AXcoOmRc8Sjoodlf8Pl3NgpguacVhSKAF-n47IOhbsUIaFa_MHdZASbw-6X9M6AMGxYPEYuW-RWOxUYrR-teKJkVz-H-nd1EauLk
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
pixel
cm.g.doubleclick.net/ Frame D3AF
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRXdyRyRZ5pgdzsHJiK-eX5H01T0fSch58_SkfFaMFyjfPlA4TLFb4DCTpmPdOXy5h6FTcxH6-NpgWO467Yc9inQSHy2Jb_
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=EK7746XUTV6KijL6QyHkrA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmRXdyRyRZ5pgdzsHJiK-eX5H01T0fSch58_SkfFaMFyjfPlA4TLFb4DCTpmPdOXy5h6FTcxH6-NpgWO467Yc9inQSHy2Jb_
date
Wed, 25 Oct 2023 12:56:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D3AF
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL18Cl463jKpGtRzVqXw0-A&google_cver=1&google_push=AXcoOmQC7GY89fm7Xj1kk0cCiLOGoRvzrF2ySeU4TLfQjTgCcSYTb0HTTLhQ0LNN9VVVczpBJhP...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmQC7GY89fm7Xj1kk0cCiLOGoRvzrF2ySeU4TLfQjTgCcSYTb0HTTLhQ0LNN9VVVczpBJhPSBckblqnH9FMfUZ0m_nY9ShcI
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmQC7GY89fm7Xj1kk0cCiLOGoRvzrF2ySeU4TLfQjTgCcSYTb0HTTLhQ0LNN9VVVczpBJhPSBckblqnH9FMfUZ0m_nY9ShcI
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmQC7GY89fm7Xj1kk0cCiLOGoRvzrF2ySeU4TLfQjTgCcSYTb0HTTLhQ0LNN9VVVczpBJhPSBckblqnH9FMfUZ0m_nY9ShcI
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame D3AF 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGxQvF9djb9RTDaExQafcZhKJolw__gdF2g-AW_t87jTBfglhG4Nadx1NzIN-WlrlingKe
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sid
mug.criteo.com/ Frame E172
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=zahav.ru&sn=ChromeSyncframe&so=0&topUrl=www.zahav.ru&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=6CDnm3xRR0thMzBpelVHUW8vTERZeWtnY1hEUU0va1Zhc1JyRVdmSXMxdkd5SVVXMGlLYmFPa3Z3QzZ3aXhudjAya3oycW1pS0UvWWVvVHhlUUxpd1p4bCtWUG1DQVI1MHZjVFZVSmxYbjAzWHZ1K0xWQXJZVWJDYTNTRl...
446 B
661 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6CDnm3xRR0thMzBpelVHUW8vTERZeWtnY1hEUU0va1Zhc1JyRVdmSXMxdkd5SVVXMGlLYmFPa3Z3QzZ3aXhudjAya3oycW1pS0UvWWVvVHhlUUxpd1p4bCtWUG1DQVI1MHZjVFZVSmxYbjAzWHZ1K0xWQXJZVWJDYTNTRlRsVEJ3ZS9YeUs3ZzNnVW1zek44NEhnRVdZZE1qOWlhZ2d6T09xandFZDQ5dzlqb1NMWUVxaVpJbFhJMno0cE41K0tEZlFDOHBJRktQZFFrd1M5aTI4TmxQZEdTbUEwdDVRVW1ZUmtZVk1SMllCM2pUNWNKQ2Vieml0dmpWcXRwT3p0aG8zVWQvOG5GTjhIY1NXREpsT3hPUk90QzE1QT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7a0d66c275373a7ed8d783bcbf5ef7d3d7f4fc1cdc84b1cb354391f685fa4377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
801404
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:12 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=6CDnm3xRR0thMzBpelVHUW8vTERZeWtnY1hEUU0va1Zhc1JyRVdmSXMxdkd5SVVXMGlLYmFPa3Z3QzZ3aXhudjAya3oycW1pS0UvWWVvVHhlUUxpd1p4bCtWUG1DQVI1MHZjVFZVSmxYbjAzWHZ1K0xWQXJZVWJDYTNTRlRsVEJ3ZS9YeUs3ZzNnVW1zek44NEhnRVdZZE1qOWlhZ2d6T09xandFZDQ5dzlqb1NMWUVxaVpJbFhJMno0cE41K0tEZlFDOHBJRktQZFFrd1M5aTI4TmxQZEdTbUEwdDVRVW1ZUmtZVk1SMllCM2pUNWNKQ2Vieml0dmpWcXRwT3p0aG8zVWQvOG5GTjhIY1NXREpsT3hPUk90QzE1QT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
280575
content-length
0
expires
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 6C8B 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1056889
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
81ba9e4c682e1e30-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.html
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame F682 		97 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d599683f7ad896f528e1d4ad999b0b236660435b9276efa8fb36b181b7c7925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
497219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21462
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 18:49:14 GMT
expires
Fri, 18 Oct 2024 18:49:14 GMT
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1A78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuI09lOXzVX1OLz4U9--ToooKD8Qtu8NSTdvRFFNy9dobCf6VS2B7zm3UbtM_wzma7JksrdAu2GXBf3CDB7MSUWAP-M13D1zeJ7fvkFfO-lTm_VV5SOPOvZqMQI7GWZc0tQenyi-xCCIil8Ybhwqh6fjJwvkl20hU3yOdKnSoU7J58TQPRRYLI0b99ndnsSCwQlgGLcZalRL1MRdhXZnqjxFqKWaemOr8OZFDd8t2_tANIdODMxq2f1EGORfObTWOIxPtWMeqaRYUCm2VcTDABtYSxTkus0mgSsBD9eYwBsCplMqGdsDaVECWOhccMYc8a7f4bRNw4l1TcL3GrSNZ70d48yZKYWvxGU-cV0L1FZIqeFnntNgTP9IdnGrfqLzieUFPcrTsKcakiGPjzAdIKNUcBqBTLfUp8fJ3iM5goDInD5IFkSimT3phAxxX5BSv1CTLckaF_gyH5_JsZZrelFSXalbxXm0pkDhGfaWLvW7CIKDVTwsazJz6fb4KeobYhN4-U_9vISJsrON2uv_FVZPRO83Fo3-XqF9r6ENiJMUndsrEP5rKzbkzB3afatJiVtfY_nD8r-0ELIvXsOx43KIll63RMBJBOJxSjhDvm9zXB_gINeSbGW20Z-tBnitU7O581aoqqLUo7QhdacxO24Ej2d4jYSqTrZ_HZBK_sLsKhSFGh8S9SWRYIySDyj31RXL-vVV0g0ahQll2mq7O0BiGsLdQiK-KGX1LVRl_2u4BhkMobu6FfdD6S4tLAkgwQA2Rh3TxF_2jq8t55iCilJZrZUQ1tfetxvBFZA1bVWTdsJEhety124UrUI7dS9vaM6lZIzwvf8NhkPwWUlTu2zhmuSF9Pi--mZBH5H116g3kMEVPY9KJcJZtUBSvJlRncJcjP3bYTCJcH5z4YMWexSH8tZLuIUEMHEtLrARvPPrO0_tld5mj6blB3mryEvO9rnOuj2eZi43t0vJUQKkCM3D-gBZWblrIo8Lm2SUVBVNMlMxopBMsuxmN51ykKmMkv9J1k_ibk27Rq_9Aay-2twFqD3f-Bk-50DskrZNJXIt-2eo501aUWhJ67gOfrfrFsblVqsJ9-TqUUXvMGyMFB_Vm9GmAP2xzCPneqTMqogXai8CrZXO-zrOOwI4V9Rr3ehdVurCPly6XVwZcgDlYnbledEwguPzX3cq9wh4o71j7qN1fidh05xE_nnBUW05HvPSMrTz33XEzZI-4QK8NdngpeF4n_aC-W7uaDmOhV1w12EWjLuQOucaLU6-VStVmlp6U8-dNw31LFER_cuPs0Q1nzY4Z26PPAYqlCrZuQFe_oe5TMfqs7AApOeo9K1toFyq9sgh_ok7nQ2Jtny73hsLDXwco93swJCqX1DqwU1TjLR5F2kHpLb3PhYUOTUClcc1z6mStdAN9a_wCNq&sai=AMfl-YRzI_OcY_V9Ib4xgDcMTXeJlZ3BLDnGQUqkeV2zDN9mDzrPg7Fqi6ciShdtQ-ETLAGKhLQKb9NGfkPyr3Y89XfTRhKXvEmME_GsgUVB7LS0FWM6eNq3iDXetuh7ybYLRqJ3mBEfo-tAM8CQwFyCUREGj_v8Bc_ZeoTd7bTgn8pT-nxPS1eU22o1VraD5k1TDd-zYwQjG8oLBypKi-90BIRq-igoBOS2Ld58cwrWt6kOkGe14w323fdQLSegNyxwW6GSM7o&sig=Cg0ArKJSzFxfk2QEQtWsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1277&cbvp=1&cstd=1272&cisv=r20231023.00536&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
93656
tags.bluekai.com/site/ Frame 1A78 		62 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29364893&phint=crid%3D194691194&phint=pid%3D359160811
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 25 Oct 2023 12:56:13 GMT
content-length
62
bk-server
41e
content-type
image/gif
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3DD2 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FF4D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstl_mis696Wtf7Pbo_ENZjWiCV9o9_sXI1RRKFpdMUHW5BxHFwDQkiJLaPPfixfjR1ah73jallvNT8GLUtWeuWHSZjA3OmVMBO857eXbXeVke27q4KMKiNfiz7nYjXyGDOHVm3EsHTYev6lXQMYxb7Q0C9eiAWj64bR2IhFOIO97FK-W4arIOyPm3JcR_rsY4tKsJwh6gWsiZt74JbAVZJucQDzxoTw3WkOhT81waS9klixjz5Yem5ryMYHmd7Y4dOkdWdheU5dP8-VcOCo-yYiHly_b2C-uqvA--WrJg1iUIw23Y_5ODR4t0mu6d2WQ-Fp0tqwGctkaaeIiSfqcl21ROy8zXeclT3c_0SPtIKkHFGmer5jq3pLfXdbdaYuQxaOZL8Cmoz_CtQ0-G7kOEqGYl6jtG8vQZnfBoZjNS9GUgoAezKVzfbebhaqFaT2-iSU-7tk2hZF_VZePI9r-vi3toIZ7aCdqblgzVq_Blmy8qLWy3RM_YCXKPRezEWwa0M2RC_SvMAPtIf0FAZ8KdvhfR30oZj1Ox5TKywJBBrmJdCLCRFD96piFYSzITRR_T5SorbuDh7GXdiEhReutH7k6SssWwHcRk-DuFSZ5L18pKKYfD4Zud4w0H8a6-ComTvtfMf_leb_D6O0NMRoQc6lV3I71IXuk1pQ7oH1ylkgGW4MiZvVN3KsLnABtX4t1IsywWJXTsC034-cdArg-Vx0Clyd-XSUiuNqWoWcBZXCRQCkS66shB_GE60jJxDkZz2rnLWNelPv3f1H99N9WrQW3WfUkgxfPmH0UaTDZtIM0N9oh4vNFm7_FXiHXyUFNFmEnmVPp5XP8tsPpufWO7R6DZj8fJY1YE69ZSxU9khf1y49nrydSJNOTZ9vDvyDKj0V49gaouzENd0w25xjkFeJwRmp4CHiUtlW-rgWpNJsp1gJCTrVUgKZqqhHs7z5r_5Gt6HIo8Lk46V9fInhJoEcs4pH7XNWZvC6RMMxvsy_nCYL-F6TkJ7DV2eDeSZDMWm8xV4f2EkGOrLZt7KTqsD_4d7M5AZuEEO6Im9ICc3-R-YQ-VBiw41uRMOj8sZDoTyuAREJ1euki3nvAfmT7U2GS6BI5FG5ZgxTYMw9KrPwBq_kioNp92x5yhNePSXKTyeS9pfFv4LOL4PwsJdAPYRE9BAOnLRdB47i0bWSvEK2DPWpYQzWI-TNxtT5dCZ3e36yHehAvqI8P0eSnn8VSyxahhLNG6d2HXNlOafy1TbzakIm7v8RMKkdHcvxyloYAWTMIRFmO9XTI0tEHiO1vUGZv7piueOOcfTCWg2hyuckOyozi-JdOOiR8Fmnsj240HUN6yMSlNNpFHNB28P05p40NuVt5ZNA-yzUqEldjlBWO4hrTZkDF-F8s11I_UkjDARemLa3pzU99LxUbRjWXrDP_pP1WfaRUxDf&sai=AMfl-YRuIpIZh1rNqskjZDo5ngGJ1N2R7IF2en0Im-OOKeaz37xVG2UDJ6mDVqC_0ORDmLFw3CpSIp9p9zPc92rR07Q-UPqfvFTetmUgfHLFuAnRIcKaR1v1gUd1GOVGTqHiOPEteeN9GNzV-uk_goRhsSAJHcz2OowYKwIXcB1kcLIGltW3jO_1426iQxcDbhO78wzKj_7rnUGqsFR0f--TK6DH1YQoNEbF1LNRrsmm2oImHE9lRCnei2PGOfrzxgVKy16BchXvgI2Av-4M9-82h5zWbgRDduiQDi2WFyehQHF1XtqKUL4jKILLkZhkjaSqj6vWyjmQfH54cKaM_rF_KJxv1KxwX04ZzQ5LcxFq_mCbtQd1815tlz8mm4xfhEXhYiQvSJkqF3YpwSfMwV2yj-9Gg0O8&sig=Cg0ArKJSzLEfjPnn4iYWEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2374&vt=11&dtpt=1391&dett=3&cstd=973&cisv=r20231023.34983&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame EE21 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8IJYCLAb4rhliKJyJDRDwXTPEUDgTGygAAABgYID-AMksLKvhaLJxa2a7zVo0GQ3XEodnsVa4jIuZYzdbzmw2IyCZhWU1HE02bs1st1mLJqPhWuLwLNYKl3Exc-xmy5nNZgUXxnKZDGqBkO92GR4-l0FFN5ldns8bVKDpdPhc93rd73eXPowO213y-ssBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAFAcIszysHttrsvpoHAb1A6n3R8AAAAAQAAAAACQAEBYfy4BELO-deL_________P8YAfeaNjP____8bBj0AHnwAPAgBAAD4GBLO5UfjxGEgRqQgtggjAAAAAIrHJoRHJukEFYsq_____VYArgAABCyaoWc8Z9EdlHgLAwAAADBmgR4Wv9_ssGv8bpf5_________zfzf-YfjRBS4UeaIAVcKTW_gAAAa34BAQDYjBsAgDcBcIIOQSsGg9UJiNkBAAAAuPP___-vB8QcvsVgtxuthjOPw7FaTEabxWhiW65sxsHMsbFtD1eMlL81rSR9nwzku12Gh89lUNFNZpfncxAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFsMBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDnYzWar3cqtcaxsbtHIZHNLfIOFW2RbjUzD1cgz803cotfH9PFMlquVcYsEA0b2InlapBONZ7cxbkaTwXCwmNkcNtNiZNntNhPXzOZcLBwTi1iiOVmkE9llX3P4FoPdbrQazjwOx2oxGW0Wo4ltubIZBzPHxrZvDnaz2Wq3cmscK5tbNDLZ3BLfYOEW2VYj03A18sx8E7fo9TF9PJPlamXcN2bL4WQzXM2G-8ZsOZxshqvZcN9hMj1Tn7PRd904PjrD-TezLGtOg8JlsHh_EtNi2p0dRCff0SlzeJQFndHv9_v9fr_f7_f7DVrPwWxQ-LY1W1X9m0iblZXVcTAoYongIp3oHmazw2l2Sx9Gh-3yuoglStNFOtEX_W6X4eFz-StiieB0kU6EfrfLov4jh9gM54rlcq4ZzhWbySoBAAAAAAAAAFiCaaabAAAAADgZ1HA0W63W6WAmu8VqsVougAsYUV0_n_mIfEbdzrvEiTJhV3X5Qos19tjDPcxmh9Pslj6MDtvldWUAFy7fzDb7jCDWarWsAQAACGADAAAI4KYbbwLIorj_____cQAAAGTk0AMAAKDfBzQVt17ogSvFryAWw8lg_wBUiLVarW431mq1AhLEbjGZwP___38!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 25 Oct 2023 12:56:13 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 0C89 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
view
googleads4.g.doubleclick.net/pcs/ Frame DBF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss3Tw9CW5VFDPAN8OIBER6N-uzwbL9mTcdSGn2JdHfqVYk7BS_saBgsDvKoBB30KIguymnmo8e9_njqdHx9W5BqSQX8Ak9vRVRzJq4DZgZl-gmDr_Q1NV8h_mbfZZm6l836PmcSLJHI2BHb-AeZVetyIXE4JvmWi22xV78rEoY89DLZFeUuUmP7cVmfE65qI_M49VWRa2zxnC0RFEZjyO-3MfbSAtOz7tjPTxrJekvL1OwtBCsVzTQwKRWSULpOTjftT1etK94ZtML16zgmE1pa6mHEaAD7kLXWKmfk8XEqT4jQ-iuBR0j7ZfQRRsLmnXM7vUtQaJmpdHoXTp2zSQJ271N7wUeLx_F_iSS9DOXcJn9SwsKjwa_h8-Nye4_l1NiVtNwUVOadFlEu6oupj9F2fXmUa8molSp343w8cZf5DDv3FdzbfhJaXvn4dKzKNMoIRHfKyzgbrN10iGoM4QEDDtVlsp0L_i8qnGIrNQI0YSwhIEiOSo03MjJ3p69nfG5LGk9JWvGC9sIzuXsGexsocoe8ctYrsFS7u8ig5eTOG3-e4j2K2OfRDUhdzv_ratBFJv7qptd2L0ZF5KjCidWuAhmHpWthPDlqwGqI1CBEaDHFMJ254SXWt5xcZJ_Q_PXujVc1l9QB509UsO6c7no2q4F6FuGDVngt029kcEoWpOTiZ0lqFAg1OUW4L4pySOmJEG51qugyiylnwvcNDM_B8Ixa0qxGB22hUMHixC4v0KPnhMY8anKZNKK79-Dqn2M7G9uRxxYf_XYmoZ3CHXmo7U_IHZThbs8sXJOS5XDJZK55-Dvy_bvAVA94UkoXMzO4q7J0hS1k1npu9rjG_BoTEhG2RUyJ-fVJ6iwe4j0E7MIGF9A0H4ALuUJdWo7pm_jdFQO5e8Q2XPhGk_9FhcF4nwVDmDjdIV_5mx71tj8xXxaVsX-GII2Aw3Z7E01y_pWNfZ7dWiviAS8IWF4Kbe2G-hmzjU9EJaiov7xxUKfrLJKsw_D0B-KzKFzKjccsvuXm2jcRYkflV-0LSLBYvrvALJ_eFMzmQkTxCzsmNaGgPBZy_jrd6CW8h1Rpx61IADFvyplXWS3pOQ7AgTKQsxnKjRqdTqYFZZUKiU86w_hpuUdhNJcIg4ro5VC0oWiZvuXUE4xJxSZSfSt5MJh_Q05h9qSnW3zzmue5PtZEose5lx5DnqF6GXk9SKb1MoX5prw2g0TixHkIpHE-bLkYi-Bhmd90jNehw83Uci4DfjC-ROcmX0aiaPhkwM4b2asctp8MjQiIGGS2C_7lgbIGJEi0banGn9kb7Z366IDNDlUhyu7qocEi4LvVWflkwo88e-kZFYN5l3kt-vH4m-8Za3pBLV5tuDuoPHd2Rid4XhOZC6HNfzZeUJvPH3gHnxi_PYdXovLxrzxybRnUZGBvrH2duEQ&sai=AMfl-YTv0Em2--DGczeAw1iLV94srIF_C0yWi5NYVjSA5uFqdwSVXdtGcJTKxgbU_IkMErAT_I5bA92RUKDSFMOvgey3bIEs9hiYePzT2FQi0Q19WDuOwrGZCyqZ1G3PGsB1rFeNVK0S_5kFlY6fW_KY5fh-NEdVphPN9FNxjdzv17MGFKQbM3QwU0jfNjlRtUZ4gHJoUDkkYuzOuPjSE_m99UslZuJ66GbFEU-9rH7LXJ3yoAdo8ZXxdrZCpfKfZdvam904u-d6mjgWYxoxpvnNyqkQhrmffdNIy6soq5oPw6_r9EleB13poo4J0RdwmRYMH2w76rDQZH88rSErMHW7Dwk4hvN9lSMksb_GhwHI7Ha63CqjTOv36VWqenEZdA3hxz5aDZLAWo5eDPEwOPTZlxQ2kEg1&sig=Cg0ArKJSzARv1OK_bwJCEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2525&vt=11&dtpt=1466&dett=3&cstd=1046&cisv=r20231023.56915&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame F73E 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
41fb2af396010bf8caf24206fae2441d39e692c4da4641d58ce6dcf68fa8de16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 03:44:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53194
Connection
keep-alive
Content-Length
11096
Expires
Thu, 26 Oct 2023 03:42:47 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7505 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame 0683 		97 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d599683f7ad896f528e1d4ad999b0b236660435b9276efa8fb36b181b7c7925
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
497219
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21462
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 18:49:14 GMT
expires
Fri, 18 Oct 2024 18:49:14 GMT
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame DCB2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstM2i9aE-fVHXcZNQHf9zK0vEm79E8CNKz3Wpty2WYpTwUn9BfTRUU2FerRpYrfQ7MKRC1_GEw6QUCLhS9o285kjixM695LHHUMFW5_HjVhsPzkHPp3nSy72TO99iSmiXC-Gs-z9Am-Y-otEkzR6M6HnXorFkCbiAYpkKXkBn2nfUk5pAQzEkva4gZHfOk3mD_SPofdnwCbfIIvlIwCW_-lE9nwC-JHx8ntMIX-EEtqe0jrlFHLzP126nlSdCWUE85R7dk3n9IlC15_BMi0Vw5RQIeXHRohrJImgXf1Pr9j_5OiMIJOXFkqcIFGEBwM020MCviDFAQ3jNlGx7-N7Vf7-DugFSQOGSEYKl-2JkU5CLrfz-igEzGopIIFyQvlPC5mhcuk0MKW8A-l9YyrxJFB27DWKIfWugMS5mfFEbb4cXE0iDWbWwQ8aV9TrA6es7uqXzWGIBZW9ry5lgKWHk1Idw0BSH2aYuUT629BjmeKxgm6LRv7xHaMYbKdUg_0MxUHePLVmMwCV6RkLswkPFHBSV73JyWBIYib8iigQPAdoo1bQqKJMRlc-BrY4FNR-eru9Yo4_Lfy1zBGMcNyJgp8YTD7t03DaL1zE_svEP-iIRqfhm_csTgC7LmjyHrKQKsnZcGXZDHXC-gWCHa7X9WrYJ2lYi-ej7ShG9QDfF9AavT1v9YcRtYghodcH7VqLYF_WkchjM_ffhMK2cW9-6jpKvfeTx9W221fRRCpZPgDDQGUXt6GC7orn9wkpOCX4iI-jmP4rzR3GdD--Vr3LYckjCO-urQ0fOWuCRLplIuIxd5VSwWI8k62QNsxmbstIb7_7hHOc0DMmBZ6DIW91KPycFTGbtepm1fwFJULKN4sGggj_kugyneL86wlGMf4_a6OuMgzjkAKJsq4t11BPVNPdmtqI3wH-GJuuhtrOBvFPWgAO0J7OzpY7iLIACcxgVUM0yjz17Ls6PuZH7jaeDXnKsuuUR6FrerbN01OxM3VTAL2m90bo5NKNllp4ZhHyCROWLAZdVpfHQs9orPXbsWn73_ZJ93qJS4UDDxsC6jw9GcE4sjzP2fcv4RPSCCzni5ulAIbLHUvKG4gHHnaHLFY6QMYfb6DT3WeHm8cpOAXSgyRCzfgf7GQqBrGT_vU4kEjiVoQQDU8wO9jKK7LlGWqBiKcD-E_zZrzvP0q7zoLdTuTTTnCLV5tjhPdkvFWM0wqLi0x2XNKK3z-dcGFLVRSn7z-lwABl0A-bRL9F-lgQL9yY8TncKQC2mKPUxWJs75iTGWewPhz9eGEyz-YPhDKpVqbY4yN2F_7L1mslAbfMRKwSMmpI-IaKwXKUgJuiT736zH9HLctayUcnKb6d03x6ff7mJF_j_QY8LX_Dv2v8YAEcBTOWLvXtdombbATPynBcZG9xk7SmBaiOc2R&sai=AMfl-YTlTYhc9VIvm1LHdHuJhE3xERv3wJJ97batGE8vx6SHURmlLdCFnRl6zMrAV9bpn3vO_YTkIOxgT6xq4LWEo8USoLwjXyq9G85_OsPnGN-J_mDZTQ0mLzSlUj43BLXzNN5BzgK_Ie6keYTqYH87Zcq7wO4Gt-dRvDwJeeM0MEpSBBKuVET2A8WvBlireD0SaRTkhbQZ6OcncokhzTP8Vy2GCEWfHfK1gRcrtj4VOiV0qgVGabWJaA4_0yPBZkUEZQfFWCQ&sig=Cg0ArKJSzF_lXyGHjdU8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1128&cbvp=1&cstd=1126&cisv=r20231023.92045&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
93656
tags.bluekai.com/site/ Frame DCB2 		62 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29364893&phint=crid%3D194691194&phint=pid%3D359160811
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 25 Oct 2023 12:56:13 GMT
content-length
62
bk-server
729
content-type
image/gif
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 46A4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546684
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 05:04:49 GMT
expires
Fri, 18 Oct 2024 05:04:49 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/ Frame AB12 		97 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
298b0596844d5a2e5aedc74ac7517830008083897e802c550da444c522508ec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
563654
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21436
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 19 Oct 2023 00:21:59 GMT
expires
Fri, 18 Oct 2024 00:21:59 GMT
last-modified
Wed, 05 Jul 2023 12:25:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 647C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLQaNwoSi8mR-85iC7UDb-j-0odtp8dbkuklGELEqjCRZ_l9DMDA0rj5Y6XgRGSKVm6iV_yHO3C2YOk2fioTg3FsyjafMeaCCqG-xjsCSiHGNRyDRqJnCdiR1a17FLOwaKSNI-pO5gJreBMIoOBhvgaCujnSvsKzsyQhIcdaGt6rnC1Y_asFOxE27oh0C-F7VuzyURnIRc654WtiBTexVtqkVbwtNEtOWIMRGTTpLsyaE5jaojnaeHnZNmQQpcgYYZEeJcUFJcDnBY6FTz65SVCSgSuXk-pgp9zdamk6bJDCuCVQKOYBTjyks-ia-lqM__bCR79vPV8atLd6ISkj_aC7JNArtG0h1ReyAgqLAvXRP_ADKk8DhVmR7_GNwB267sIJQFayAVKJAdqOPhimTBw3ylXsMfqjuz19HYquesi20XzdW4hED0gTMl0xDydsz3aPpgziqByBqzE3DRmR-nojJNd4v34pnp6HZ-wUfrfRvPN2ckgffSuteWl1Pvtdy3L_aKh29itIh_VXw266uF0CcviWavtZnIKC3Io5Z8o72nZbdFJ4yjhqY9t2lUMpKk7PI7dQDGWGxS6X3zWHkT18-55PB5xc7jTAHegid23VW0eEs4fbcCf8q69_9Q4M52dH8EJ_aORICmPI1c39ndSrGRlB4ngVkCGS4jYK0KUujLwxNQKTvD9VKC_VDkUm-QhPd2ygMjfMzCesC07-ZpG3Rpaoru5dh4g_F9Ef9a-fZUO2UGr92NUa3XqdGzVPbKNNpScZW-crqAwJM6346E5ZC-zhKbVVT2d35wW5lAns3lJtypzlvXtLMWWswdNXybuNsxW_4OHEZ3AIEQaCZdiiVBqjF8pbRm70T2_-2e5-nWMtjVP0F21Uo8bnl-GkUIRT9jbRMWab4T-6Qk4xMZI9Q98Iv-UeuHHRZcUMHan0aEDUFTRIb56QCP6qiCaFK_jxCWENjsnD4LonOQj3WlYlSVr3xSC8GU5Lan3BhGqVjMg5BNt0srsdX2jJ9RSlOUfES2L1pbC__h_BXOZi5ogANZIhS0jdQYqirQYh-B24D0UXLetCb4-rxZYAjiiPHQUSnr7VJyMGFvD2jPnJ1R_I4s3p17Td7OZf32YhMJcm2fgXXr2uGZqWgt6YfoPycw730wyGW_R64pbcfXy8Ms1_dYeA2xwRafVEI2aO9GNwdgzI54dyQeREoha3jWfvG4U4BSm7hUuxyf2IY4tpS7Q-5wJ2KQdTO-zzt-ZcAEYW_1wtWI2b_9g5s1F_OYP0Nx6KTdsSMoeIHO0c6pjlRUxt-rS6UNqueuX4jVKLxcYb-xxOxewVPf5FObtSA71pDNdrGL1GBjjW3snGBed_XVgp4WiB8-vgfD9NLvcCs_11SvR9HkucI9UKgfQhOTKL4ij2GC6UVs1PfiWA&sai=AMfl-YRJrxWJD6PkG40jIAj55ZezH_hpJK1BFGzBZmEJv0rUuMtNWvbHsqYQLq_f2fQcowjQlA9vfurxvWH4jdkVaDYjXHcRFrkK4f2uriYYYJDK1wBkEAlWeT8WDc61zdEZLQxeWjjBZJvLxuENMyXTUettG74L86GGgfo37LkRvSeMFR1gCa96tbFWVnOfzzowshOoqKrT0lE-gEs8VXIEAaDkHUUQSR9cxBnXAEEde1J_EsY7uPdt08HGf37lHQAMsjm_OnE&sig=Cg0ArKJSzGU-PBCiB76eEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1071&cbvp=1&cstd=1069&cisv=r20231023.33312&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
93656
tags.bluekai.com/site/ Frame 647C 		62 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D29364893&phint=crid%3D194537851&phint=pid%3D359274924
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-219.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Wed, 25 Oct 2023 12:56:13 GMT
content-length
62
bk-server
2294
content-type
image/gif
casale
match.adsrvr.org/track/cmf/ Frame 82EC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
server
Kestrel
content-length
70
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 82EC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5AJQ79B0W0368VPYGAEV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 25 Oct 2023 12:56:13 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6GZB6QMFVB3GP9P4KK9A
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 82EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_cver=1
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p7fIMJdq24AoQqlpqBfmj8k9tTvb6zHqoUcIy8YnhG%2BqHTnzNYk3TMNVrDCQm53%2BgbDyBdFqNaqbCRR5W25THIX05E8NYSQKc0RS426uFV%2FGzkZ%2F88H76q57G7%2B230e8cIzvzlw5msWssQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4d5e769110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
501709.gif
idsync.rlcdn.com/ Frame 82EC
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZTkQa80EssFQrPU7UfAdtQAA%263169&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZTkQa80EssFQrPU7UfAdtQAA%263169&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=31ddcaba4ec84fe19e37e714fe2eca0a
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=31ddcaba-4ec8-4fe1-9e37-e714fe2eca0a
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%3A1698238574.348331&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D1b89ed51-e15d-4a47-8e8c-d7fa7d7c...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559730486269835&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D1b89ed51-e15d-4a47-8e...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%3A1698238574.348331&_=1698238574.350248
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/501709.gif?partner_uid=1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%3A1698238574.348331&_=1698238574.350248
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Wed, 25 Oct 2023 12:56:14 GMT
via
1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
server
lighttpd/1.4.69
x-amz-cf-pop
FRA56-C2
vary
Cookie
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
location
https://idsync.rlcdn.com/501709.gif?partner_uid=1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%3A1698238574.348331&_=1698238574.350248
content-length
443
x-amz-cf-id
YjbQMUdro2RBmqRKvQ14UWH-W63MSlvzxZ0vbR87brWvFzm7RhofZw==
rum
r.casalemedia.com/ Frame 82EC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&gdpr=0&gdpr_consent=
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2V4uW6xetakp8DBFz%2BGCNmmUYj5QeTRxlQbNDWFRd38I%2BU5yq7HLv0n0wv%2Bg7bsHM8AlyHsUiLRdQnkmb4GK3dCJqVdRIATyZrf66GGm%2B4O18YLPToqo3yyD2sFN3REBrEn"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e504b866987-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 25 Oct 2023 12:56:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=797f1e89-b273-4f3c-8232-72426a98c383-6539106c-5858&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 82EC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7769368039249428401&expiration=1699448173
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7769368039249428401&expiration=1699448173
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHHp0zG2k3duQFMHpB0j6YdtaWTTcXusaLoUEqZsNLj7bMOKPBY0vC3%2BRzkJxeCPInl9xWfMPWRwfsKCpJmpCaS4sSJT5B1p9fkmk8KC2FHD9mcvk1DfzgIJYXSyT%2BERbclILvyoytJcqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
81ba9e4e0f199110-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7769368039249428401&expiration=1699448173
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 82EC 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:15eb:19d4:d59:9b24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 82EC 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 82EC 		43 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZTkQa80EssFQrPU7UfAdtQAA%263169
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.zahav.ru%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
53966
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
81ba9e4dea1b90d7-FRA
content-length
43
expires
Thu, 26 Oct 2023 12:56:13 GMT
lg.php
cdn.firstimpression.io/delivery/ Frame C7D2 		1 B
635 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/lg.php?bannerid=97043%7C97045%7C97046%7C97047%7C97048%7C101156&campaignid=9%7C7%7C11%7C16%7C18%7C34&zoneid=114914%7C114914%7C114914%7C114914%7C114914%7C114914
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:13 GMT
Content-Encoding
gzip
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://www.zahav.ru
Cache-Control
no-cache, no-store, must-revalidate
X-Amz-Cf-Id
TH4BWQGhqwB6PH4dML-rGf-KRmedmINGbk8cb0DvQndS1kZ_xo3jfQ==
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame C7D2 		36 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=711590
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4f003edced4cacc9a7c4e34b3582c59acc7645668565a7e83493eb37c1a11b0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80m1pDWLbQsBv1lxXZ94AFmtlBpc9hZUW0Pguwr%2FtMKKwqcqiiM5nH5ZlqUEgNf5kIEyYBhU0GBtpTVu3ugbB%2BqE6PSlGWCJy52jokBVCjVd5obSq6RMguDoG%2BHQAcYb75V7q1HE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
81ba9e4d2e3e9110-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame C7D2 		138 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
96c8e8fec3b7d6dc1fbd6595c6f4729c451f64b884c26786b3c0937c107d3a45
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
an-x-request-uuid
1c8ce7e4-3844-43d2-a1d3-4b66d40b1523
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C7D2 		310 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18438&site_id=202928&zone_id=1042372&size_id=10&rp_schain=1.0,1!firstimpression.io,6962,1,,,&rf=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.domain=zahav.ru&tg_i.page=https%3A%2F%2Fwww.zahav.ru%2F&tg_i.figroup=a23&tk_flint=pbjs_lite_v7.46.0-pre&x_source.tid=4f926410-4414-4a13-8764-fd2034cf1e72&l_pb_bid_id=67c5d3b2b4fe96&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4f926410-4414-4a13-8764-fd2034cf1e72&rp_maxbids=1&slots=1&rand=0.7110116870439613
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1ebd29630e5751f90433ff306c1db8ad9eaae25f55d1e3414e2e48db757de429

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
310
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ Frame C7D2 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f20e0c17371bef7147fad31652e68de3b17aaadc0ec06943e6ca0b2b114a4717

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.zahav.ru
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
translator
hbopenbid.pubmatic.com/ Frame C7D2 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
204.237.133.116 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.zahav.ru
date
Wed, 25 Oct 2023 12:56:12 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame BF49 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 12:01:43 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DBF6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEPKn5howalryC3CGE-iVDD4APHonfSDPJ4ONbtt9Cx5EsC_Bwk0wI7eymGXSn0FHl4OtPKqaBtb5L3FYsqcQ7dZafe0S9HLlS6RcY3wzFQ95Z6lIhy8OSBiOMFkkueu2qshxnGPY3Om8p&sai=AMfl-YSxNZHXPlwI1I_BfYEm3bg1KYqqp2rJ8qat8T3V4R1RU6XQN1G74SyiDjJzPhWFYGvLEiMg0FG2Jt2hMD7bqSdOYNqFqZJObW7nsBHWWyzJpeAO4jSyTbbkcCm1&sig=Cg0ArKJSzNQbA6_CNU9WEAE&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&id=lidar2&mcvt=1155&p=15,315,265,1285&mtos=1155,1155,1155,1155,1155&tos=1155,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=111351918&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698238570351&rpt=2056&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame F682 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 17:05:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6FC0 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cbd36d2ab30fc7adc7edcb3bd976822d9800a95a5237dacc440afcefff20bbbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5892
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame EE21 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
41fb2af396010bf8caf24206fae2441d39e692c4da4641d58ce6dcf68fa8de16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Oct 2023 03:44:29 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=53194
Connection
keep-alive
Content-Length
11096
Expires
Thu, 26 Oct 2023 03:42:47 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame 0683 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 17:05:58 GMT
DcmEnabler_01_250.js
s0.2mdn.net/879366/ Frame AB12 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 17:05:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11558
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:37 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 25 Oct 2023 17:05:58 GMT
/
pips.taboola.com/ 		4 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230031-FRA
date
Wed, 25 Oct 2023 12:56:13 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.zahav.ru
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ Frame C7D2 		422 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 08:11:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17055
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135316
x-xss-protection
0
server
cafe
etag
9779678222609117831
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 24 Oct 2024 08:11:58 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B84E 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77549be4cf8d631e29fe5cdce8f3bf0f65c8088a4aeec8d1a3b3f45753e9f1eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5839
x-xss-protection
0
skeleton.js
static.adsafeprotected.com/ Frame DCB2
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bi...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
24397464
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
hWy_DVz_lRr7HRSBJ29WJfZQ1eHBAV4nqyzKXRAVwWsDEUzzDrehBQ==

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:13 GMT
server
nginx
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame FE54 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2983623
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
7Ux2pTJKC8tRXa5AeGJ6ihuI8Bhs29QxNqHgf8Ay0fW0sqpg_2De7Q==
skeleton.js
static.adsafeprotected.com/ Frame 647C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352127/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bi...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
24397464
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
wOArDXaZk-gkdjf-ZQ7Q0v0OgbMQlTzH2SxLxjSQtJo2_Ka3zM1jbQ==

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
app14.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame AF35 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2983624
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
takncp_q6qzabJV3exQsjNfGEP1_SU4E8O4LOa_RWpGV2FKRJN3B-Q==
fg.png
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/fg.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3fe8ce38a6fdd7a8f83f1fa025073e57e936776a5072d6e87af5796822339a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:04:08 GMT
x-content-type-options
nosniff
age
514326
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3109
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 14:04:08 GMT
cta_1.png
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/cta_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af5ae4e90f652e290a7ace39165b2ab0bc927a7d1eeee190920f9d2167e51468
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 03:09:47 GMT
x-content-type-options
nosniff
age
467187
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4854
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Oct 2024 03:09:47 GMT
text02_1.png
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/text02_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bcb58b6eb71ca551bde3f103391cda70053e81febda9bb7235da9cd6225a35b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:37:44 GMT
x-content-type-options
nosniff
age
551910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2496
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 03:37:44 GMT
text03_1.png
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/text03_1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c7c38363e66ec03f15212b1104ef4b1012d3a7faa9fa469805bfec9bc67faab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:37:44 GMT
x-content-type-options
nosniff
age
551910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1063
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 03:37:44 GMT
text01_2.png
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/text01_2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4085bc8c0b8cdb308147399e12152a808f552c700af0fe15f8059727b3053e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 21:12:42 GMT
x-content-type-options
nosniff
age
143012
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1686
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 21:12:42 GMT
bsh.png
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/bsh.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c09d6f1fea7d0ab9cf3527b9854cfd80cb5d3b01eba9c254fc48192c9ca27442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 03:37:44 GMT
x-content-type-options
nosniff
age
551910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2124
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 03:37:44 GMT
hi.png
s0.2mdn.net/sadbundle/9461066680953449411/ Frame AB57 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/9461066680953449411/hi.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ee259715a992d48e57dcbddc0c9dfdf0eccfe9380fabb7e450e9e6275b49166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/9461066680953449411/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 08:41:33 GMT
x-content-type-options
nosniff
age
533681
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66414
x-xss-protection
0
last-modified
Wed, 29 Mar 2023 18:10:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 08:41:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6FC0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 12:56:14 GMT
khaos.json
token.rubiconproject.com/ Frame F73E 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame DEE8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame BEAA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
bulk
trc.taboola.com/wallail-zahavru/log/3/ 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/wallail-zahavru/log/3/bulk?tvi48=11593&tvi50=11820&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231025-5-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Wed, 25 Oct 2023 12:56:14 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7265
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230021-FRA
pragma
no-cache
server
nginx
x-timer
S1698238574.135464,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:14 GMT
cache-control
no-store
server
nginx
logo.png
s0.2mdn.net/sadbundle/1484961235833605488/ Frame B84E 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1484961235833605488/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:03:28 GMT
x-content-type-options
nosniff
age
528766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8111
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:03:28 GMT
60015186_20230202011649420_award_logo_300x250_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame B84E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011649420_award_logo_300x250_default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5aedc8850b65270522a00e0f6a65196ec804be7ae19531af2b137cd0df7ac30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 10:03:31 GMT
x-content-type-options
nosniff
age
10363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1630
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 09:16:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 10:03:31 GMT
truncated
/ Frame B84E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
60015186_20230628022311726_300x250_GV60_dynamic-drving.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame B84E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230628022311726_300x250_GV60_dynamic-drving.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee7265b64ac36b1d161fd8a37bfd3143705c74f2567e73e7d3eb5b4c10da291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1484961235833605488/index.html?e=69&leftOffset=0&topOffset=0&c=ATtSZbh5ah&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 10:18:56 GMT
x-content-type-options
nosniff
age
9438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17237
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 09:23:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 10:18:56 GMT
skeleton.js
static.adsafeprotected.com/ Frame 1A78
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1350098/69352126/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014640618&ias_pubId=pub-4491659496372172&ias_chanId=1&ias_placementId=20606889740&bi...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
17 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
24397464
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
R_Q6qIYbqJZ8ZMewwhyjJ0kn5O2zYxi20Avg7HF4fOpA4ywRwBBFpg==

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
app25.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame F415 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:de00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
2983624
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
pdA5B_aWL7rMfL0id5-tZ9vCw639B7Cbx-AaBSSgYhbNBzAhNXjgDw==
89f7480c0afa0150edeb7d68276c11dd
pv.medialead.de/trck/epv/ Frame 9E3E 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/89f7480c0afa0150edeb7d68276c11dd?subid=53791500078843104445308012488004&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzAJOaRA5Zcb4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QR7ik3rwNya1ZmRGOBuoqJEaIhpF_apvHqTJ-SLJ8s_zx4DdrZ8sg0W9UMv5nbhvMJ0xhKkXceIsW3NqeccInWOGPIXNV06wh1INGWoUNeNPQ3SoGZlx6RNDTTY6s-WLcRZbw8XtwK1eB5RCky3vv1UwHc_8Rur9EqLXqf2LlwDH8NgcTCh4ySyi8iT4tyTzMg4hXHMTD9fPJdRYOjQwYMRcOBM1LOGr7odELI0kvj6AQtxewaOUpHn2Zlh-subOWsvr60dbtrB7yNr6z-BpC-TrXmL27_N4P6Q73laiVNrs3WNVG9XR3_0M9_DN6Z4g5mfIelf8Uo0Zcx6gaem7fMrpS0SwSF6reRExViFAeyMPr7Bhk_vAwBIKowATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhtqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_3V09Reeh7yHZy-ILHlCIh_b6yCtg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DscKryPkgQvl1U4WmIT0ZMW6PMAhnu_i9ffhXoYgiZfTGw0M6be0o1QIHyV0ZcBk9FQaIF35BrXqWiMbI7w46SAj9qtnDKWBGRoKWR1h07lL7mZLYlOO5_MUT8S4j-pvEFAYEJdxx4PdWQjD1ZXPi_5wnhEzrtW-Q3J1oozusU5mYGLZw%26cry%3D1%26dbm_d%3DAKAmf-Axvb5MFrtjofK0AKqY9Umh5-OTDJaZTjX5iFaNngvpOuC5QQwLFbIwkZVJCsZ-QHMyxWIANIngDJOPkxBW7ReprpfGejAg0ai7CLB6ZnnHTt4EOTYjO3tSgiVk3V-B1oGxwn-8Dgn2oAJxGMZap3BGn-9dlOGwoffbAYFS4N74X8J_nPHehFr6K-IzhNTviF1knLfcWwI2tPvMudLatrjI6f-5rg4cK5fvZEU4AMFETQB04POGhltbK-tsUDOw3yTa-oqyRyFUmizpF0uFlRHw6w0v8rljy0v2TIBdGlGcQ1FwgjJ56ZbM-WGAW8e9sLgiB4M71mzupCih5EPYvTuzevIZmiRj6YEDqUqOfH0YAlV2r5HsXm2VNPINBDqusoKYDGLSpcK9jWUTXVTILJ5wXPSAuon_o58FVE2DZPvvjhlPvE2ttybBt1yQ52OiKxGbz3ReqImTS3otPTPZlrQ85yBz_Pv5odL45PYItjek9dzjU_GrYy_t8PSln9nCZHmWzqfe8UeGHukgN3deyVlKo7LIV4HTYc27_Ud_fcVFefifaps%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=6501861472279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"25200521800103626","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Wed, 25 Oct 2023 12:56:14 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40027
x-iplb-request-id
8AC72684:B426_91EFC182:01BB_6539106E_48EE1F2:1193C
request_content.php
hal90004.redintelligence.net/ Frame D527 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/request_content.php?s=53791500078843104445308012488004&a=409532f9
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=71d8dad258&subid=&uid=2ec0603e969218cd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCzAJOaRA5Zcb4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QR7ik3rwNya1ZmRGOBuoqJEaIhpF_apvHqTJ-SLJ8s_zx4DdrZ8sg0W9UMv5nbhvMJ0xhKkXceIsW3NqeccInWOGPIXNV06wh1INGWoUNeNPQ3SoGZlx6RNDTTY6s-WLcRZbw8XtwK1eB5RCky3vv1UwHc_8Rur9EqLXqf2LlwDH8NgcTCh4ySyi8iT4tyTzMg4hXHMTD9fPJdRYOjQwYMRcOBM1LOGr7odELI0kvj6AQtxewaOUpHn2Zlh-subOWsvr60dbtrB7yNr6z-BpC-TrXmL27_N4P6Q73laiVNrs3WNVG9XR3_0M9_DN6Z4g5mfIelf8Uo0Zcx6gaem7fMrpS0SwSF6reRExViFAeyMPr7Bhk_vAwBIKowATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhtqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_3V09Reeh7yHZy-ILHlCIh_b6yCtg%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-DscKryPkgQvl1U4WmIT0ZMW6PMAhnu_i9ffhXoYgiZfTGw0M6be0o1QIHyV0ZcBk9FQaIF35BrXqWiMbI7w46SAj9qtnDKWBGRoKWR1h07lL7mZLYlOO5_MUT8S4j-pvEFAYEJdxx4PdWQjD1ZXPi_5wnhEzrtW-Q3J1oozusU5mYGLZw%26cry%3D1%26dbm_d%3DAKAmf-Axvb5MFrtjofK0AKqY9Umh5-OTDJaZTjX5iFaNngvpOuC5QQwLFbIwkZVJCsZ-QHMyxWIANIngDJOPkxBW7ReprpfGejAg0ai7CLB6ZnnHTt4EOTYjO3tSgiVk3V-B1oGxwn-8Dgn2oAJxGMZap3BGn-9dlOGwoffbAYFS4N74X8J_nPHehFr6K-IzhNTviF1knLfcWwI2tPvMudLatrjI6f-5rg4cK5fvZEU4AMFETQB04POGhltbK-tsUDOw3yTa-oqyRyFUmizpF0uFlRHw6w0v8rljy0v2TIBdGlGcQ1FwgjJ56ZbM-WGAW8e9sLgiB4M71mzupCih5EPYvTuzevIZmiRj6YEDqUqOfH0YAlV2r5HsXm2VNPINBDqusoKYDGLSpcK9jWUTXVTILJ5wXPSAuon_o58FVE2DZPvvjhlPvE2ttybBt1yQ52OiKxGbz3ReqImTS3otPTPZlrQ85yBz_Pv5odL45PYItjek9dzjU_GrYy_t8PSln9nCZHmWzqfe8UeGHukgN3deyVlKo7LIV4HTYc27_Ud_fcVFefifaps%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=6501861472279&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e26f63c7951e4e5c23aacd31b81740b37a4231d96f6d63b90e0a980f10f4f0b2

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1470
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Oct 2023 12:56:14 GMT
Expires
Wed, 25 Oct 2023 13:56:14 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
89f7480c0afa0150151f163b0ba936a5
pv.medialead.de/trck/epv/ Frame 8015 		0
616 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/89f7480c0afa0150151f163b0ba936a5?subid=31984700078412504445308012488017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEDhpaRA5ZcT4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QhBiwx8TIIU6vS8kxJhgQNhCcvHVbuUUcKP1WGA4rE0fhpRkOxuupC2Qb9NlohpPCAh8ASZj6VIsAcTEjwD7bTb7Pzr1PEGNu-e8cBONpQny5Nho1ScUjn32Po7srgUb_8WzPIWaWh_679-yUI-aJE_gpfjeVOAwCDeKsqwlYxdstYST1PNMXZs82AG2cOlD5ps3-2TXSuq5eb4WSnkEHn4UNJvs6HOBeUNQRZzM4MLkdi8Xs4NVRUuVWDZ1qoKj5WpqVQ0JrG0xJJgWaRPMLSfFl3dUFbKqDGN19eoy9upsu62XOVZadY5TunO0LMhCJH9aQhfBly93StZJCtp3MagG8X_u7HHfANVv19UN5Q2JX5nJwpm182avdwATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhNqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_15q0MLR5sk_VzPyRdmX2kzfhqaLw%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-CtyDAzFdmUh0FQqKJ4w1xVBvgAEXEzN6BfUKQ4vnV5LkztjSlJVTDaoqy7dov-mrQ1WLOSbidU8lW4-P4qqn0J8ZNZ7Cbini5tlnSWhsyRndvJmy8wKbD8kyqEH8Jl0nFjmVv8Z_EAinlqQX8LDOof-obByuyrw9JXyXdOavYmxrvNjE8%26cry%3D1%26dbm_d%3DAKAmf-A7QE_zO6t6FGLrhJO4xbq8R9VcoZ4nwHarsP__l7WRZeUH2UHtpIigFObUKzGJ0srTJtXAXCD93lAO-wKAaEn6ToaP2Dgr1f0XYX8MNdWCIJB8cosXIAmhfyI_hJfvi2TQQ7DlTmes9sEVbUY_zMQ665h8O5Igtr3blvn8xwmgmmtCRA9sjSK3351nGvyvnnNDMVhF-qBskXTwDcJdiUFotlnvbXzlRB4NWz3NKb17flSzORyOAM3FsjxYFmYyOG6dcpOkIoddUh33X7RMLLXvBtetk3hgHsPgr1DlbsD5JovFY4Rj4Prp6oqjFs8MpeQgUSp17GGOxUKTBItzThrjPlYwGTLFzTn4wQY7JiyOyxT8ZLlboOmO6oByhQgX0BF6qDz4Z9qD6_JCpgDibJUKFcTQTkqSh0Pqb-xggLNX5M32JwW3E4rAoaSD1K32S1PxEGqnHJJOxSx5LRxGH7G1DJVa2VRHGUrAyOGJ-upvWkWq6MczK96L6uprwc4882jD2M_5YjomXwt0TeIIMajNngUNUdSHFXq4F8851-8uxiORrIA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=2187212550797&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.193.130 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"SourceEventId":"25200521800105173","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Wed, 25 Oct 2023 12:56:14 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
strict-transport-security
max-age=15768000
vary
Origin
x-iplb-instance
40028
x-iplb-request-id
8AC72684:B424_91EFC182:01BB_6539106E_4942F5A:19774
request_content.php
hal900017.redintelligence.net/ Frame ED4F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/request_content.php?s=31984700078412504445308012488017&a=e3b1351e
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=0igvbyc5zwtq&nw=20&renderingType=javascript&namespace=64be98ebe4&subid=&uid=9fe3da72dcee5d4a&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=320x50&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCEDhpaRA5ZcT4HaSn3gODkKWgBZumgKJpxYrqi84P8C4QASDRk8MqYJXikIKgB8gBCakCBmGgCJTKsT6oAwHIA5sEqgScAk_QhBiwx8TIIU6vS8kxJhgQNhCcvHVbuUUcKP1WGA4rE0fhpRkOxuupC2Qb9NlohpPCAh8ASZj6VIsAcTEjwD7bTb7Pzr1PEGNu-e8cBONpQny5Nho1ScUjn32Po7srgUb_8WzPIWaWh_679-yUI-aJE_gpfjeVOAwCDeKsqwlYxdstYST1PNMXZs82AG2cOlD5ps3-2TXSuq5eb4WSnkEHn4UNJvs6HOBeUNQRZzM4MLkdi8Xs4NVRUuVWDZ1qoKj5WpqVQ0JrG0xJJgWaRPMLSfFl3dUFbKqDGN19eoy9upsu62XOVZadY5TunO0LMhCJH9aQhfBly93StZJCtp3MagG8X_u7HHfANVv19UN5Q2JX5nJwpm182avdwATRos_UgATgBAOIBbXdyYI-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBogwMKgoKCOS0sQLutbECqg0CREXiDRMIhNqz1Z-RggMVpJN3Ch0DSAlUsBOzoKsU0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB%26sig%3DAOD64_15q0MLR5sk_VzPyRdmX2kzfhqaLw%26client%3Dca-pub-4491659496372172%26dbm_c%3DAKAmf-CtyDAzFdmUh0FQqKJ4w1xVBvgAEXEzN6BfUKQ4vnV5LkztjSlJVTDaoqy7dov-mrQ1WLOSbidU8lW4-P4qqn0J8ZNZ7Cbini5tlnSWhsyRndvJmy8wKbD8kyqEH8Jl0nFjmVv8Z_EAinlqQX8LDOof-obByuyrw9JXyXdOavYmxrvNjE8%26cry%3D1%26dbm_d%3DAKAmf-A7QE_zO6t6FGLrhJO4xbq8R9VcoZ4nwHarsP__l7WRZeUH2UHtpIigFObUKzGJ0srTJtXAXCD93lAO-wKAaEn6ToaP2Dgr1f0XYX8MNdWCIJB8cosXIAmhfyI_hJfvi2TQQ7DlTmes9sEVbUY_zMQ665h8O5Igtr3blvn8xwmgmmtCRA9sjSK3351nGvyvnnNDMVhF-qBskXTwDcJdiUFotlnvbXzlRB4NWz3NKb17flSzORyOAM3FsjxYFmYyOG6dcpOkIoddUh33X7RMLLXvBtetk3hgHsPgr1DlbsD5JovFY4Rj4Prp6oqjFs8MpeQgUSp17GGOxUKTBItzThrjPlYwGTLFzTn4wQY7JiyOyxT8ZLlboOmO6oByhQgX0BF6qDz4Z9qD6_JCpgDibJUKFcTQTkqSh0Pqb-xggLNX5M32JwW3E4rAoaSD1K32S1PxEGqnHJJOxSx5LRxGH7G1DJVa2VRHGUrAyOGJ-upvWkWq6MczK96L6uprwc4882jD2M_5YjomXwt0TeIIMajNngUNUdSHFXq4F8851-8uxiORrIA%26adurl%3D&documentReferer=https%3A%2F%2Fwww.zahav.ru%2F&ancestorOrigins=https%3A%2F%2Fwww.zahav.ru&random=2187212550797&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
cbad99800f156d997c270eafd59d06729d93aeba8c0df6a12b5f54495682b3cb

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1470
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Oct 2023 12:56:14 GMT
Expires
Wed, 25 Oct 2023 13:56:14 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B84E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 12:56:14 GMT
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40CVT,pingTime:-3,time:1085,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:709%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1085,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:709,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B492~0%5D,as:%5B492~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ7i+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:711%7D&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40CVX,pingTime:-6,time:1089,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1089,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:709,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B495~0%5D,as:%5B495~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ7i+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,rmeas:1,rend:0,renddet:na,siq:711%7D&tpiLookup=ao:www.zahav.ru*&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 647C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFRDbgx8j5E_kYd9FjHhCgH8uft9-4aA7TFTzv9QDbqLZCFL3I41GAA7IllwiJiMMBxqbTgymOXqNTbse2O7L1BUCwyDaAgsdH-EgGS_stPzDhHCImtZMrsRR4OQfissuUqzUx2-BKeFcI&sai=AMfl-YQRCkJgzMftZ1HmpyTDg0od7sQwJa9IiYcpw76_ULveOYt_F9JNhk7_e38cO7cK-CiYLqa_H3qEqik6z24mnmO10mywWxj_68NYuaIpugdEN08jFrq6czXpmbG8&sig=Cg0ArKJSzNslzHUvtiivEAE&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&id=lidar2&mcvt=1341&p=1060,580,1310,880&mtos=0,0,1341,1341,1341&tos=0,0,1341,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=0.56&if=1&vu=1&app=0&itpl=20&adk=811035952&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698238570442&rpt=2446&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 647C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=5cee9c66-dbc3-3802-a970-c2ef60fc148d&tv=%7Bc:s40CWO,pingTime:-3,time:1104,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:753%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:753,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B376~0%5D,as:%5B376~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ7i+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h*.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1h*,rmeas:1,rend:0,renddet:na,siq:754%7D&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 647C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=5cee9c66-dbc3-3802-a970-c2ef60fc148d&tv=%7Bc:s40CX4,pingTime:-6,time:1120,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1120,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:753,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B392~0%5D,as:%5B392~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ7i+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h*.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1h*,rmeas:1,rend:0,renddet:na,siq:754%7D&tpiLookup=ao:www.zahav.ru*&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame AB57 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ Frame 6FC0 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
logo.png
s0.2mdn.net/sadbundle/11952719878557111332/ Frame 6FC0 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11952719878557111332/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 10:04:15 GMT
x-content-type-options
nosniff
age
528719
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8111
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 13:03:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 10:04:15 GMT
60015186_20230202011701910_award_logo_970x250_default.png
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 6FC0 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230202011701910_award_logo_970x250_default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 07:42:56 GMT
x-content-type-options
nosniff
age
18798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2309
x-xss-protection
0
last-modified
Thu, 02 Feb 2023 09:17:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 07:42:56 GMT
60015186_20230712053541820_970x250_GV70_image2.jpg
s0.2mdn.net/ads/richmedia/studio/60015186/ Frame 6FC0 		372 KB
372 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60015186/60015186_20230712053541820_970x250_GV70_image2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f76497733ef6f4fb58df25411bbe8d536cc84920c3969b1354248a565ab8bbba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11952719878557111332/index.html?e=69&leftOffset=0&topOffset=0&c=zx6WWbVG2M&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 11:50:41 GMT
x-content-type-options
nosniff
age
3933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
380722
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 12:35:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 26 Oct 2023 11:50:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8C23 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHSrzIICpR3Pb-_gpJz4ZyAbGpb5cRrI2ZxRobf-wXQzL1RK0s_8YpbypBpy4Aps9nSOlwLrLFDRHMzdAHa7wvVpLkMZxOjdUEX1v1Iw_mupdJbQDXMmNzAmgH5ZfwZQMPHBZuR1vv27iT&sai=AMfl-YTOvVBgnY6RbaK-0USXhRj_vyj5fpzQV1eTT7ovMRykhojcNdT36RIGnUonFM3S_NGc5PJFeDsXAUaP9Ve1AItpNVUsHzOxcI-9c8QcIHN_w6N20G9InHcokw-G&sig=Cg0ArKJSzL5o2qx0m1ljEAE&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&id=ampim&o=496,735&d=468,60&ss=1600,1200&bs=1600,1200&mcvt=1365&mtos=0,0,1365,1365,1365&tos=0,0,1365,0,0&tfs=2348&tls=3713&g=99.34895634651184&h=99.34895634651184&tt=3713&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40CZB,pingTime:-3,time:1328,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1009%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1328,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1008,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B348~0%5D,as:%5B348~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:1010%7D&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40CZC,pingTime:-6,time:1329,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1329,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1008,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B349~0%5D,as:%5B349~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,rmeas:1,rend:0,renddet:na,siq:1010%7D&tpiLookup=ao:www.zahav.ru*&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C4D7 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46747
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2ED2 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
400dfc022204e7b4ddd76113dc3a58df26df6926c74a5b334ae6a92bd1f773a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D522 		1 KB
646 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46747
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 24 Oct 2023 23:57:07 GMT
etag
48472445140208031
expires
Wed, 25 Oct 2023 23:57:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3DA1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21560e4ffe4831731fd302da2291501d0781bc698334065886ca06bb58b2e561

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
drop_cookie_sw.php
csync.smilewanted.com/ Frame 88DC 		0
343 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ba9e53aab61e30-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 12:56:14 GMT
server
cloudflare
vary
Accept-Encoding
Fyrst_ad2_320x50.jpg
www.ad-server.eu/wm/pb/fyrst/ Frame D527
Redirect Chain
  • https://pv.medialead.de/trck/eview/89f7480c0afa0150edeb7d68276c11dd?subid=53791500078843104445308012488004&gdpr=1&consent=1&gdpr_consent=
  • https://www.ad-server.eu/wm/pb/fyrst/Fyrst_ad2_320x50.jpg
29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.ad-server.eu/wm/pb/fyrst/Fyrst_ad2_320x50.jpg
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=53791500078843104445308012488004&a=409532f9
Protocol
H2
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
e88c4ce8b99dac8de2594f7c0a54464d67b1956907170767f2cd2994fdd99cca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
cdn-edgestorageid
1082
cdn-storageserver
DE-663
cdn-cachedat
10/10/2023 08:31:44
cdn-pullzone
1577101
content-length
29777
last-modified
Sun, 27 Aug 2023 16:39:57 GMT
server
BunnyCDN-DE1-1080
cdn-fileserver
382
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
eb0bc7bf-3958-4a46-b210-d6455c22a1c3
cache-control
public, max-age=259200
cdn-requestid
bfcf52cc8facc30d7f7810c5305667f8
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Wed, 25 Oct 2023 12:56:15 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"25200521800103626","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
8AC72684:B45C_91EFC182:01BB_6539106E_48F0AF2:1193E
x-iplb-instance
40027
vary
Origin
content-type
application/go
access-control-allow-origin
*
location
https://www.ad-server.eu/wm/pb/fyrst/Fyrst_ad2_320x50.jpg
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
FYRST-Festgeld-Schwein-statisch-320x50.jpg
ad-server.eu/wm/pb/fyrst/fyrst_Festgeld/ Frame ED4F
Redirect Chain
  • https://pv.medialead.de/trck/eview/89f7480c0afa0150151f163b0ba936a5?subid=31984700078412504445308012488017&gdpr=1&consent=1&gdpr_consent=
  • https://ad-server.eu/wm/pb/fyrst/fyrst_Festgeld/FYRST-Festgeld-Schwein-statisch-320x50.jpg
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/fyrst/fyrst_Festgeld/FYRST-Festgeld-Schwein-statisch-320x50.jpg
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=31984700078412504445308012488017&a=e3b1351e
Protocol
H2
Server
2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1082 /
Resource Hash
56d9f3976b22e887562827a85403d0d2f4ec79a06508bd553b5df012d109e984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
cdn-edgestorageid
1081
cdn-storageserver
DE-663
cdn-cachedat
10/10/2023 08:31:59
cdn-pullzone
1577101
content-length
25106
last-modified
Tue, 10 Oct 2023 08:30:20 GMT
server
BunnyCDN-DE1-1082
cdn-fileserver
383
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
eb0bc7bf-3958-4a46-b210-d6455c22a1c3
cache-control
public, max-age=259200
cdn-requestid
253ee7d200d209cdd8fba8707b92eb35
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Wed, 25 Oct 2023 12:56:14 GMT
strict-transport-security
max-age=15768000
attribution-reporting-register-source
{"SourceEventId":"25200521800105173","Destination":"https://trck.easy-m.de","Expiry":5184000,"FilterData":{}}
server
nginx
host
pv.medialead.de
x-iplb-request-id
8AC72684:B466_91EFC182:01BB_6539106E_48E91BD:1193D
x-iplb-instance
40027
vary
Origin
content-type
application/go
access-control-allow-origin
*
location
http://ad-server.eu/wm/pb/fyrst/fyrst_Festgeld/FYRST-Festgeld-Schwein-statisch-320x50.jpg
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
0
proxy-host
pv.medialead.de
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40D1w,pingTime:-2,time:1434,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2832,beZ:2833,mfA:3422,cmA:3423,inA:3423,inZ:3428,prA:3429,prZ:3533,si:3541,poA:3543,poZ:3575,cmZ:3575,mfZ:3575,loA:3920,loZ:3923,ltA:4265,ltZ:4265,mdA:2833,mdZ:2895%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:709%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1434,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:709,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B840~0%5D,as:%5B840~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:711,sinceFw:722,readyFired:true%7D&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame 3DD2 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
dt
dt.adsafeprotected.com/ Frame 647C 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=5cee9c66-dbc3-3802-a970-c2ef60fc148d&tv=%7Bc:s40D1G,pingTime:-2,time:1406,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2812,beZ:2813,mfA:3539,cmA:3540,inA:3540,inZ:3541,prA:3541,prZ:3562,si:3565,poA:3566,poZ:3580,cmZ:3580,mfZ:3580,loA:3919,loZ:3945,ltA:4218,ltZ:4218,mdA:2814,mdZ:2839%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:753%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1406,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:753,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B678~0%5D,as:%5B678~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h*.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1h*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:754,sinceFw:652,readyFired:true%7D&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
khaos.json
token.rubiconproject.com/ Frame EE21 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame 7505 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
pagead2.googlesyndication.com/bg/ Frame 46A4 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qjGD6VgFXvKRKE4CSwOfAUc5_H_3Fq2lAoacrviKkWs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 13:44:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
601922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15077
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Oct 2024 13:44:12 GMT
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40D33,pingTime:-2,time:1542,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2837,beZ:2844,mfA:3815,cmA:3816,inA:3816,inZ:3817,prA:3817,prZ:3843,si:3846,poA:3847,poZ:3865,cmZ:3865,mfZ:3865,loA:4166,loZ:4167,ltA:4379,ltZ:4379,mdA:2845,mdZ:2903%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1009%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1542,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1008,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B563~0%5D,as:%5B563~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:na,siq:1010,sinceFw:531,readyFired:true%7D&br=c
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A78 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5-QVjeNg6jG-7WZkAyPUktwSzGomDF_P_U2Nc4YiL51hcyCqpXa_7ceM3IMMBOrENw4rIKKpBi89u99KU-Kk_TSGuUCf9-egnWPLaRebFy80BNKW9IkbDA37YZbclo0escyNfY-sjMhIi&sai=AMfl-YSdjw0X7IhB7TxNdafORrTyOziHp6-_NDZekG0bFEQHhFspTX6K5EF0ieSdQNN2_stYb3GoqM9McQtkdBVc6a1kSULJSv0cWT0eGvz07-6QeJ7ZB_fCK6nn1U73&sig=Cg0ArKJSzEVM4k7ALKn9EAE&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&id=lidar2&mcvt=1208&p=1,1558,41,1599&mtos=1208,1208,1208,1208,1208&tos=1208,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3986781459&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698238570367&rpt=2288&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 54AD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=XeRUzMzbF5zHnohXU3xdArR0Z9PDMHvUxQZj4GxRmqjH02qdHk_thYuY0JOSrHhs4VANH2e6daH-zyDIRcbAkOvSlEgYGIf6_CnLuNBdkey5OePdJ-mMaSKyP-LzEuv4FYFMem8jGqNpe9HWKeDx7dkbq1n8ot3TJ4hbQAlfgtP2xKnNVTIikyBrhEyo5qMq3RWf4_kavB7moKR5AKidAdEpq_uKB9Q2PLBzz0kySfOqvUGMkrYpzG4Tw9ZdmcMe7qpPIw&sds=2&rev=89023&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:14 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
/
onetag-sys.com/usync/ Frame 19E3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
viewability
hal90004.redintelligence.net/ Frame D527 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90004.redintelligence.net/viewability?s=53791500078843104445308012488004&a=8fa37d80&vb=m
Requested by
Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=53791500078843104445308012488004&a=409532f9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90004.redintelligence.net/request_content.php?s=53791500078843104445308012488004&a=409532f9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:14 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame D527 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
viewability
hal900017.redintelligence.net/ Frame ED4F 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/viewability?s=31984700078412504445308012488017&a=5ae7ce0f&vb=m
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=31984700078412504445308012488017&a=e3b1351e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/request_content.php?s=31984700078412504445308012488017&a=e3b1351e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 12:56:14 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame ED4F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame DCB2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss83Kf1f0G23VaprdRgRMO9C7ALnGamQX9aE0qYAqonl_oX6uZr69baOFIjVad3JwLcuLF3mHo_Gs0k2fgQ47LqRjNmTi1GtF3i6rmsXIlJJMZBkooN4RykT6ZTaW0n1_ky4Dc-RI64UuPq&sai=AMfl-YTRAA0_5JuCSbJh3ABbyBmk3RIFT2HtW0nR_B7cu24K421vKMZrUk4zpmWBfZEe3qIzxNHJk9yOgYP_vPzw8ZaML5SaVKJNr8W84naPP6BH2lf-JZi1xvJoAEHe&sig=Cg0ArKJSzB7xiYQV-iG9EAE&cid=CAQSPADICaaNkXrs2TMMwgWP_TL6z9e4o1hHHkwnmkFUL_jY4Yu8RFDAm-6tPvTbWXCTLrm3e-lshBSPwb9oyRgB&id=lidar2&mcvt=1126&p=1,260,41,301&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&v=20231023&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3986781468&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1698238570385&rpt=2433&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A78 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuI09lOXzVX1OLz4U9--ToooKD8Qtu8NSTdvRFFNy9dobCf6VS2B7zm3UbtM_wzma7JksrdAu2GXBf3CDB7MSUWAP-M13D1zeJ7fvkFfO-lTm_VV5SOPOvZqMQI7GWZc0tQenyi-xCCIil8Ybhwqh6fjJwvkl20hU3yOdKnSoU7J58TQPRRYLI0b99ndnsSCwQlgGLcZalRL1MRdhXZnqjxFqKWaemOr8OZFDd8t2_tANIdODMxq2f1EGORfObTWOIxPtWMeqaRYUCm2VcTDABtYSxTkus0mgSsBD9eYwBsCplMqGdsDaVECWOhccMYc8a7f4bRNw4l1TcL3GrSNZ70d48yZKYWvxGU-cV0L1FZIqeFnntNgTP9IdnGrfqLzieUFPcrTsKcakiGPjzAdIKNUcBqBTLfUp8fJ3iM5goDInD5IFkSimT3phAxxX5BSv1CTLckaF_gyH5_JsZZrelFSXalbxXm0pkDhGfaWLvW7CIKDVTwsazJz6fb4KeobYhN4-U_9vISJsrON2uv_FVZPRO83Fo3-XqF9r6ENiJMUndsrEP5rKzbkzB3afatJiVtfY_nD8r-0ELIvXsOx43KIll63RMBJBOJxSjhDvm9zXB_gINeSbGW20Z-tBnitU7O581aoqqLUo7QhdacxO24Ej2d4jYSqTrZ_HZBK_sLsKhSFGh8S9SWRYIySDyj31RXL-vVV0g0ahQll2mq7O0BiGsLdQiK-KGX1LVRl_2u4BhkMobu6FfdD6S4tLAkgwQA2Rh3TxF_2jq8t55iCilJZrZUQ1tfetxvBFZA1bVWTdsJEhety124UrUI7dS9vaM6lZIzwvf8NhkPwWUlTu2zhmuSF9Pi--mZBH5H116g3kMEVPY9KJcJZtUBSvJlRncJcjP3bYTCJcH5z4YMWexSH8tZLuIUEMHEtLrARvPPrO0_tld5mj6blB3mryEvO9rnOuj2eZi43t0vJUQKkCM3D-gBZWblrIo8Lm2SUVBVNMlMxopBMsuxmN51ykKmMkv9J1k_ibk27Rq_9Aay-2twFqD3f-Bk-50DskrZNJXIt-2eo501aUWhJ67gOfrfrFsblVqsJ9-TqUUXvMGyMFB_Vm9GmAP2xzCPneqTMqogXai8CrZXO-zrOOwI4V9Rr3ehdVurCPly6XVwZcgDlYnbledEwguPzX3cq9wh4o71j7qN1fidh05xE_nnBUW05HvPSMrTz33XEzZI-4QK8NdngpeF4n_aC-W7uaDmOhV1w12EWjLuQOucaLU6-VStVmlp6U8-dNw31LFER_cuPs0Q1nzY4Z26PPAYqlCrZuQFe_oe5TMfqs7AApOeo9K1toFyq9sgh_ok7nQ2Jtny73hsLDXwco93swJCqX1DqwU1TjLR5F2kHpLb3PhYUOTUClcc1z6mStdAN9a_wCNq&sai=AMfl-YRzI_OcY_V9Ib4xgDcMTXeJlZ3BLDnGQUqkeV2zDN9mDzrPg7Fqi6ciShdtQ-ETLAGKhLQKb9NGfkPyr3Y89XfTRhKXvEmME_GsgUVB7LS0FWM6eNq3iDXetuh7ybYLRqJ3mBEfo-tAM8CQwFyCUREGj_v8Bc_ZeoTd7bTgn8pT-nxPS1eU22o1VraD5k1TDd-zYwQjG8oLBypKi-90BIRq-igoBOS2Ld58cwrWt6kOkGe14w323fdQLSegNyxwW6GSM7o&sig=Cg0ArKJSzFxfk2QEQtWsEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2555&vt=11&dtpt=1278&dett=3&cstd=1272&cisv=r20231023.00536&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame E148 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3271
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 12:01:43 GMT
pixel
ap.lijit.com/ Frame 039A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.14.3 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
3.14.251.63.unassigned.ord.singlehop.net
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Wed, 25 Oct 2023 12:56:15 GMT
X-Sovrn-Pod
ad_ap2sea1
view
googleads4.g.doubleclick.net/pcs/ Frame DCB2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstM2i9aE-fVHXcZNQHf9zK0vEm79E8CNKz3Wpty2WYpTwUn9BfTRUU2FerRpYrfQ7MKRC1_GEw6QUCLhS9o285kjixM695LHHUMFW5_HjVhsPzkHPp3nSy72TO99iSmiXC-Gs-z9Am-Y-otEkzR6M6HnXorFkCbiAYpkKXkBn2nfUk5pAQzEkva4gZHfOk3mD_SPofdnwCbfIIvlIwCW_-lE9nwC-JHx8ntMIX-EEtqe0jrlFHLzP126nlSdCWUE85R7dk3n9IlC15_BMi0Vw5RQIeXHRohrJImgXf1Pr9j_5OiMIJOXFkqcIFGEBwM020MCviDFAQ3jNlGx7-N7Vf7-DugFSQOGSEYKl-2JkU5CLrfz-igEzGopIIFyQvlPC5mhcuk0MKW8A-l9YyrxJFB27DWKIfWugMS5mfFEbb4cXE0iDWbWwQ8aV9TrA6es7uqXzWGIBZW9ry5lgKWHk1Idw0BSH2aYuUT629BjmeKxgm6LRv7xHaMYbKdUg_0MxUHePLVmMwCV6RkLswkPFHBSV73JyWBIYib8iigQPAdoo1bQqKJMRlc-BrY4FNR-eru9Yo4_Lfy1zBGMcNyJgp8YTD7t03DaL1zE_svEP-iIRqfhm_csTgC7LmjyHrKQKsnZcGXZDHXC-gWCHa7X9WrYJ2lYi-ej7ShG9QDfF9AavT1v9YcRtYghodcH7VqLYF_WkchjM_ffhMK2cW9-6jpKvfeTx9W221fRRCpZPgDDQGUXt6GC7orn9wkpOCX4iI-jmP4rzR3GdD--Vr3LYckjCO-urQ0fOWuCRLplIuIxd5VSwWI8k62QNsxmbstIb7_7hHOc0DMmBZ6DIW91KPycFTGbtepm1fwFJULKN4sGggj_kugyneL86wlGMf4_a6OuMgzjkAKJsq4t11BPVNPdmtqI3wH-GJuuhtrOBvFPWgAO0J7OzpY7iLIACcxgVUM0yjz17Ls6PuZH7jaeDXnKsuuUR6FrerbN01OxM3VTAL2m90bo5NKNllp4ZhHyCROWLAZdVpfHQs9orPXbsWn73_ZJ93qJS4UDDxsC6jw9GcE4sjzP2fcv4RPSCCzni5ulAIbLHUvKG4gHHnaHLFY6QMYfb6DT3WeHm8cpOAXSgyRCzfgf7GQqBrGT_vU4kEjiVoQQDU8wO9jKK7LlGWqBiKcD-E_zZrzvP0q7zoLdTuTTTnCLV5tjhPdkvFWM0wqLi0x2XNKK3z-dcGFLVRSn7z-lwABl0A-bRL9F-lgQL9yY8TncKQC2mKPUxWJs75iTGWewPhz9eGEyz-YPhDKpVqbY4yN2F_7L1mslAbfMRKwSMmpI-IaKwXKUgJuiT736zH9HLctayUcnKb6d03x6ff7mJF_j_QY8LX_Dv2v8YAEcBTOWLvXtdombbATPynBcZG9xk7SmBaiOc2R&sai=AMfl-YTlTYhc9VIvm1LHdHuJhE3xERv3wJJ97batGE8vx6SHURmlLdCFnRl6zMrAV9bpn3vO_YTkIOxgT6xq4LWEo8USoLwjXyq9G85_OsPnGN-J_mDZTQ0mLzSlUj43BLXzNN5BzgK_Ie6keYTqYH87Zcq7wO4Gt-dRvDwJeeM0MEpSBBKuVET2A8WvBlireD0SaRTkhbQZ6OcncokhzTP8Vy2GCEWfHfK1gRcrtj4VOiV0qgVGabWJaA4_0yPBZkUEZQfFWCQ&sig=Cg0ArKJSzF_lXyGHjdU8EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2431&vt=11&dtpt=1303&dett=3&cstd=1126&cisv=r20231023.92045&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 647C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLQaNwoSi8mR-85iC7UDb-j-0odtp8dbkuklGELEqjCRZ_l9DMDA0rj5Y6XgRGSKVm6iV_yHO3C2YOk2fioTg3FsyjafMeaCCqG-xjsCSiHGNRyDRqJnCdiR1a17FLOwaKSNI-pO5gJreBMIoOBhvgaCujnSvsKzsyQhIcdaGt6rnC1Y_asFOxE27oh0C-F7VuzyURnIRc654WtiBTexVtqkVbwtNEtOWIMRGTTpLsyaE5jaojnaeHnZNmQQpcgYYZEeJcUFJcDnBY6FTz65SVCSgSuXk-pgp9zdamk6bJDCuCVQKOYBTjyks-ia-lqM__bCR79vPV8atLd6ISkj_aC7JNArtG0h1ReyAgqLAvXRP_ADKk8DhVmR7_GNwB267sIJQFayAVKJAdqOPhimTBw3ylXsMfqjuz19HYquesi20XzdW4hED0gTMl0xDydsz3aPpgziqByBqzE3DRmR-nojJNd4v34pnp6HZ-wUfrfRvPN2ckgffSuteWl1Pvtdy3L_aKh29itIh_VXw266uF0CcviWavtZnIKC3Io5Z8o72nZbdFJ4yjhqY9t2lUMpKk7PI7dQDGWGxS6X3zWHkT18-55PB5xc7jTAHegid23VW0eEs4fbcCf8q69_9Q4M52dH8EJ_aORICmPI1c39ndSrGRlB4ngVkCGS4jYK0KUujLwxNQKTvD9VKC_VDkUm-QhPd2ygMjfMzCesC07-ZpG3Rpaoru5dh4g_F9Ef9a-fZUO2UGr92NUa3XqdGzVPbKNNpScZW-crqAwJM6346E5ZC-zhKbVVT2d35wW5lAns3lJtypzlvXtLMWWswdNXybuNsxW_4OHEZ3AIEQaCZdiiVBqjF8pbRm70T2_-2e5-nWMtjVP0F21Uo8bnl-GkUIRT9jbRMWab4T-6Qk4xMZI9Q98Iv-UeuHHRZcUMHan0aEDUFTRIb56QCP6qiCaFK_jxCWENjsnD4LonOQj3WlYlSVr3xSC8GU5Lan3BhGqVjMg5BNt0srsdX2jJ9RSlOUfES2L1pbC__h_BXOZi5ogANZIhS0jdQYqirQYh-B24D0UXLetCb4-rxZYAjiiPHQUSnr7VJyMGFvD2jPnJ1R_I4s3p17Td7OZf32YhMJcm2fgXXr2uGZqWgt6YfoPycw730wyGW_R64pbcfXy8Ms1_dYeA2xwRafVEI2aO9GNwdgzI54dyQeREoha3jWfvG4U4BSm7hUuxyf2IY4tpS7Q-5wJ2KQdTO-zzt-ZcAEYW_1wtWI2b_9g5s1F_OYP0Nx6KTdsSMoeIHO0c6pjlRUxt-rS6UNqueuX4jVKLxcYb-xxOxewVPf5FObtSA71pDNdrGL1GBjjW3snGBed_XVgp4WiB8-vgfD9NLvcCs_11SvR9HkucI9UKgfQhOTKL4ij2GC6UVs1PfiWA&sai=AMfl-YRJrxWJD6PkG40jIAj55ZezH_hpJK1BFGzBZmEJv0rUuMtNWvbHsqYQLq_f2fQcowjQlA9vfurxvWH4jdkVaDYjXHcRFrkK4f2uriYYYJDK1wBkEAlWeT8WDc61zdEZLQxeWjjBZJvLxuENMyXTUettG74L86GGgfo37LkRvSeMFR1gCa96tbFWVnOfzzowshOoqKrT0lE-gEs8VXIEAaDkHUUQSR9cxBnXAEEde1J_EsY7uPdt08HGf37lHQAMsjm_OnE&sig=Cg0ArKJSzGU-PBCiB76eEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2374&vt=11&dtpt=1303&dett=3&cstd=1069&cisv=r20231023.33312&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 20FF 		0
0
outbid
outbid.firstimpression.io/v1/ Frame C7D2 		197 B
471 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://outbid.firstimpression.io/v1/outbid?id=6962
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/fiamp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-57.fra56.r.cloudfront.net
Software
/
Resource Hash
bf3f4b159c85e41976ee8d51206226156f7b2bbe522a960dc2c216b46b68b0cf

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 25 Oct 2023 12:56:14 GMT
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
*
content-length
197
x-amz-cf-id
OmwGTsn8ajoR0VuLmBVUD7x5FpWgkCIOwH0Ds2M6qGKgwSGiHj6W_w==
RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003
csync.smilewanted.com/set_partner_userid_get/unruly/ Frame 2933
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://ad.turn.com/r/cs?pid=45&rndcb=7657994497
  • https://sync.1rx.io/usersync/turn/9148772490437157163?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003?redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Funruly%2FRX-7d6dec20-6b67-4d03-a287-e9b...
  • https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003
0
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ba9e562e281e30-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 12:56:15 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html
date
Wed, 25 Oct 2023 12:56:15 GMT
etag
RX7d6dec206b674d03a287e9bb13129a8f003
location
https://csync.smilewanted.com/set_partner_userid_get/unruly/RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
179aae56-a184-522a-98be-4df2fd875d9d
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 8E5B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=1411800119198525653
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/179aae56-a184-522a-98be-4df2fd875d9d
0
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/179aae56-a184-522a-98be-4df2fd875d9d
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ba9e562e351e30-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 12:56:15 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/179aae56-a184-522a-98be-4df2fd875d9d
smwt256.gif
us.ck-ie.com/ Frame FB34 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Wed, 25 Oct 2023 12:56:15 GMT
Server
nginx
7769368039249428401
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 23FD
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/7769368039249428401
0
633 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/7769368039249428401
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ba9e5a3b5a1e30-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 12:56:15 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 25 Oct 2023 12:56:15 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/7769368039249428401
server
nginx
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame 6733 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 12:01:43 GMT
i.match
a.tribalfusion.com/ Frame C4D7 		43 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmSGRHe_cK2uoYPUyZV1D3X8coETPvml085iZK9uyB9x7XWs3-Ii39edIjlDzRoSClwvGXiZ7qhn2buUloVlY1CeiFlLu7B2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSGRHe_cK2uoYPUyZV1D3X8coETPvml085iZK9uyB9x7XWs3-Ii39edIjlDzRoSClwvGXiZ7qhn2buUloVlY1CeiFlLu7B2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81ba9e5688db8fd0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C4D7
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEJyHdcH4kz8sZ7E8lg58WIA&google_cver=1&google_push=AXcoOmR2RvOYLW0Wre__m728LLa9jZkZ18Bx5k7U5GM1BjU5MqOVbrFIRbgM0W1bkyfG6k3CpmsHq_sResF-P9QBraJ-gA-...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2RvOYLW0Wre__m728LLa9jZkZ18Bx5k7U5GM1BjU5MqOVbrFIRbgM0W1bkyfG6k3CpmsHq_sResF-P9QBraJ-gA-mvSVp
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2RvOYLW0Wre__m728LLa9jZkZ18Bx5k7U5GM1BjU5MqOVbrFIRbgM0W1bkyfG6k3CpmsHq_sResF-P9QBraJ-gA-mvSVp
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmR2RvOYLW0Wre__m728LLa9jZkZ18Bx5k7U5GM1BjU5MqOVbrFIRbgM0W1bkyfG6k3CpmsHq_sResF-P9QBraJ-gA-mvSVp
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame C4D7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL18Cl463jKpGtRzVqXw0-A&google_cver=1&google_push=AXcoOmTIBEPzxb5l9YheHmjm08OhU4a5pnLvyNlOHxFPCujY-iVML-lATMp9esIBE_cfIJ_hKrJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmTIBEPzxb5l9YheHmjm08OhU4a5pnLvyNlOHxFPCujY-iVML-lATMp9esIBE_cfIJ_hKrJomwtFsXHaYZ2ikPVbFSVzDUAR
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmTIBEPzxb5l9YheHmjm08OhU4a5pnLvyNlOHxFPCujY-iVML-lATMp9esIBE_cfIJ_hKrJomwtFsXHaYZ2ikPVbFSVzDUAR
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE81UkVBQlAtMTYtREtGSA==&google_push=AXcoOmTIBEPzxb5l9YheHmjm08OhU4a5pnLvyNlOHxFPCujY-iVML-lATMp9esIBE_cfIJ_hKrJomwtFsXHaYZ2ikPVbFSVzDUAR
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Expires
0
pixel
cm.g.doubleclick.net/ Frame C4D7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_hm=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&google_nid=index&google_push=AXcoOmRU-bu6rej2FCcYQYwGTQYP6vjdJYZHW...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_hm=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&google_nid=index&google_push=AXcoOmRU-bu6rej2FCcYQYwGTQYP6vjdJYZHWpQNSTZCHM2an8cmzNamDTC8uHXVrKP6qgIK5iAbUqNr_STK11cKGvZnV2l20KNk
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mar20RK6pJ6%2Fc17jDZUP3sJn1S6cpf8lHoV0z0QI0N6GtGZu5x53fa7vEaViRGOno%2FIeuPZwkb0h8rcrJtSn7aAvu%2FMg7PBND9BtP0ijXZs10zLFId%2FKo9se897TJmZ3xAc3q8r2VPPVDA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOqbmHYUReb7AAXpZe9fxTQ&google_hm=ZTkQa80EssFQrPU7UfAdtQAADGEAAAAB&google_nid=index&google_push=AXcoOmRU-bu6rej2FCcYQYwGTQYP6vjdJYZHWpQNSTZCHM2an8cmzNamDTC8uHXVrKP6qgIK5iAbUqNr_STK11cKGvZnV2l20KNk
cache-control
no-cache
cf-ray
81ba9e568ed69110-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
-
s.ad.smaato.net/c/n/// Frame C4D7 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM2aw8oWEf2si14xNazizXk&google_cver=1&google_push=AXcoOmREWgIAAhwZfB50UGH-FYXjXqXxjPBVZfIo2nAhzs5hFtfZvpQc-mz-iXYAW3JaoiClCCi3qNhOjQrANVkGFSIofkdtvOJU
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
2
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
MTndzh5Y-XJ5QepRf1xj2Y9uGBIDMZhslF1AcLFUovWH-nWMY4f9PA==
ebda
match.360yield.com/match/ Frame C4D7 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.360yield.com/match/ebda?google_gid=CAESEOaT8HxElmxoSxXodAPg2Wo&google_cver=1&google_push=AXcoOmSENjsTi93L0XfYHfKHLaWOot8njELAk_Qn9C_BiUzZzzfK0lFBKpfJ9mIbWVzduyXilzZKM7fnmQf-9oLQeO1L7c54Wa77
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.214.242.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-242-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:15 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame C4D7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQa1n_yOxRMj...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQa1n_yOxRMjHmydZk6skUWzLQ10Sfk3neXM9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQa1n_yOxRMjHmydZk6skUWzLQ10Sfk3neXM98xWVaGyqwuWlObH55gynf4fkNR6ONsXEMUmKpZKe9BscMcZpRb1QUNxP4xEw
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
an-x-request-uuid
6f8c3601-eab2-422a-a034-a01f946a7156
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MzA5ODgwNzUyMzMyNDQ1Nzc1&google_gid=CAESEFShkjknJ54Jg-h4OUIJsJE&google_cver=1&google_push=AXcoOmQa1n_yOxRMjHmydZk6skUWzLQ10Sfk3neXM98xWVaGyqwuWlObH55gynf4fkNR6ONsXEMUmKpZKe9BscMcZpRb1QUNxP4xEw
x-proxy-origin
138.199.38.132; 138.199.38.132; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C4D7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9TZnHhEWLMTXFFvpsY2kVvERDgB9fpYSWhPsur64akP4qho_Tdg-1459HSM85I-cezhG0uA
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
i.match
a.tribalfusion.com/ Frame D522 		43 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEBEw148XOyDFefbiW__ZCjQ&google_cver=1&google_push=AXcoOmQjMgz9ehPdV1NnxCw0Xoycz9IrdfoQEQEOblx4-MbrPOCjoqP3PpH2k3u3Eu8kM4n1852_4g8KKI4PMLGzCPqkl__jaIY&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQjMgz9ehPdV1NnxCw0Xoycz9IrdfoQEQEOblx4-MbrPOCjoqP3PpH2k3u3Eu8kM4n1852_4g8KKI4PMLGzCPqkl__jaIY%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
81ba9e5688e98fd0-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D522
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEP9EFri1pFYbLZnB4DVwKCQ&google_cver=1&google_push=AXcoOmS5-BXseo59HA2HQtMcxFmlgOzBuO7ecJ0jZGdMh0cdXaCJk3pxWsEuFt43eWKZvn6_alBmbrBxoOY5Z4...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5-BXseo59HA2HQtMcxFmlgOzBuO7ecJ0jZGdMh0cdXaCJk3pxWsEuFt43eWKZvn6_alBmbrBxoOY5Z4lkt3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5-BXseo59HA2HQtMcxFmlgOzBuO7ecJ0jZGdMh0cdXaCJk3pxWsEuFt43eWKZvn6_alBmbrBxoOY5Z4lkt3ADETv_OuU
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI5Mzg3OTEzMTg1NTMyMTI0MQ%3D%3D&google_push=AXcoOmS5-BXseo59HA2HQtMcxFmlgOzBuO7ecJ0jZGdMh0cdXaCJk3pxWsEuFt43eWKZvn6_alBmbrBxoOY5Z4lkt3ADETv_OuU
Date
Wed, 25 Oct 2023 12:56:15 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame D522
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFKn_GBgr6uDXcq_afg1ZXg&google_cver=1&google_push=AXcoOmTitqQVbs2GGZzr3gSRASDJQgnjG58sPS37mp5aykGaFUr8D30b-vj301sx-khwx8yPP8bG6pWdK7IeGV4YW_5SOmR...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTitqQVbs2GGZzr3gSRASDJQgnjG58sPS37mp5aykGaFUr8D30b-vj301sx-khwx8yPP8bG6pWdK7IeGV4YW_5SOmRbnXw&google_hm=eS1QZm8zRXdCRTJwR1hsWVZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTitqQVbs2GGZzr3gSRASDJQgnjG58sPS37mp5aykGaFUr8D30b-vj301sx-khwx8yPP8bG6pWdK7IeGV4YW_5SOmRbnXw&google_hm=eS1QZm8zRXdCRTJwR1hsWVZ2YmNZY2xpZDJTZ19BSzIzS35B
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 25 Oct 2023 12:56:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmTitqQVbs2GGZzr3gSRASDJQgnjG58sPS37mp5aykGaFUr8D30b-vj301sx-khwx8yPP8bG6pWdK7IeGV4YW_5SOmRbnXw&google_hm=eS1QZm8zRXdCRTJwR1hsWVZ2YmNZY2xpZDJTZ19BSzIzS35B
content-length
0
pixel
cm.g.doubleclick.net/ Frame D522
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQgSv...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmQgSvkpqhOjeoGru6gxF5OCdMqg5yMcw72GPLyHFeSlzKs4nKJVVSxwIPTvOEcGBMRuAfMwUyxKy9eP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmQgSvkpqhOjeoGru6gxF5OCdMqg5yMcw72GPLyHFeSlzKs4nKJVVSxwIPTvOEcGBMRuAfMwUyxKy9ePVZO5bxFsu7GMGmE
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:14 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-YN6qCLXO_fWKNTRQIXggfu-Wu2TBCzGbiKZWDQ&google_push=AXcoOmQgSvkpqhOjeoGru6gxF5OCdMqg5yMcw72GPLyHFeSlzKs4nKJVVSxwIPTvOEcGBMRuAfMwUyxKy9ePVZO5bxFsu7GMGmE
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
601572
content-length
0
expires
Wed, 25 Oct 2023 00:00:00 GMT
-
s.ad.smaato.net/c/n/// Frame D522 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEM2aw8oWEf2si14xNazizXk&google_cver=1&google_push=AXcoOmS3h0FmRyQccvbsDk2pV1c4o2xjYTtD-9Hr_rDBCfayBnA21-qUoKFzGLVyVxqom6xgRCLrNcz631blUmG09370eLy-QE4
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:3800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:13 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
2
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
0lUAfiItTIcgawBPPIj_dfGjRRkLcH1a1d7loI_u--rI1vyRdvnUKg==
pixel
cm.g.doubleclick.net/ Frame D522
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEEEHkjGJhGgz67JGTInmisQ&google_cver=1&google_push=AXcoOmQDUj8x_Aed4U69yG_1Jgx_qRCT9eUnsvbp10uJ-Sn-vPqoO4TFzRVrkj3oFLzhHzKfhOxgAqYGbZ0Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDUj8x_Aed4U69yG_1Jgx_qRCT9eUnsvbp10uJ-Sn-vPqoO4TFzRVrkj3oFLzhHzKfhOxgAqYGbZ0Ytx2ZOGT19UewT2I
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDUj8x_Aed4U69yG_1Jgx_qRCT9eUnsvbp10uJ-Sn-vPqoO4TFzRVrkj3oFLzhHzKfhOxgAqYGbZ0Ytx2ZOGT19UewT2I
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQDUj8x_Aed4U69yG_1Jgx_qRCT9eUnsvbp10uJ-Sn-vPqoO4TFzRVrkj3oFLzhHzKfhOxgAqYGbZ0Ytx2ZOGT19UewT2I
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
report
sync.teads.tv/um/ Frame D522
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKtYgB3DWy_2...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSNOpIAESbwRCOULXYUt2pCeRISakPqpxmPvz5lc6r4tfKhNaRB1htgpjzvWq8bF3s5giuDCWx8mOgfEzpaeToIZlT7bNis
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

expires
Wed, 25 Oct 2023 12:56:15 GMT
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame D522 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvzB3pTx6s2uzqDPZhF3MEhKgb7sqursXVnR_fk5rbz2YSig4q9-Gvu4c0S3sezM27nra8Xw
Requested by
Host: 93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sync
x.bidswitch.net/ Frame 9EC7
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?gdprapplies=0&gdpr=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fcriteo%2F%24%7BCRITEO_USER_ID%7D&profile=230
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=PqhfVV96NW11SlJZN2VsRUV6OXduT3N4bFgyOGtUQ1M5ZTVkQTZSVWM2ZzlBRGJibkN3akNiTm5ndk0xdm1Sa0hHbHRCREFxbTMwR0VDeWdsciUyQmdic2JpaFk5c0tRT3N4SEtMYnNKaHp0R...
  • https://x.bidswitch.net/ul_cb/sync?ssp=criteo&custom_data=PqhfVV96NW11SlJZN2VsRUV6OXduT3N4bFgyOGtUQ1M5ZTVkQTZSVWM2ZzlBRGJibkN3akNiTm5ndk0xdm1Sa0hHbHRCREFxbTMwR0VDeWdsciUyQmdic2JpaFk5c0tRT3N4SEtMYnN...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=fd67c680-d21f-4726-b4e1-4508eb25e16b&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=fd67c680-d21f-4726-b4e1-4508eb25e16b&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a8704b10-757f-4611-8899-2094467f3bc8&ssp=criteo
43 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a8704b10-757f-4611-8899-2094467f3bc8&ssp=criteo
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.144.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-144-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
date
Wed, 25 Oct 2023 12:56:15 GMT

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 25 Oct 2023 12:56:15 GMT
Location
//x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=a8704b10-757f-4611-8899-2094467f3bc8&ssp=criteo
90fc61ffe7d996e53021b9582855508a
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 880F
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/90fc61ffe7d996e53021b9582855508a?gdpr_consent=&gdpr=0
0
512 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/90fc61ffe7d996e53021b9582855508a?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
81ba9e5a8bbe1e30-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 25 Oct 2023 12:56:15 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Wed, 25 Oct 2023 12:56:15 GMT
Expires
Wed, 25 Oct 2023 12:56:15 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/90fc61ffe7d996e53021b9582855508a?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1698238575715030-517
v1
match.sharethrough.com/universal/ Frame 3C40 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.207.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-207-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
CTA.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame F682 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/CTA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93dfc6ad110c1e68a28d173f3b7f1ec26c4e532b70411af7b4a4b7515e92a3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:26:43 GMT
x-content-type-options
nosniff
age
512972
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1400
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 14:26:43 GMT
Text3.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame F682 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/Text3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1116e4cc7ad958761e008cf397c29d52f8c17bbc4ec05ef0864450b867cfe330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:05:07 GMT
x-content-type-options
nosniff
age
550268
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1176
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:05:07 GMT
Text2.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame F682 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/Text2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17f25ee6ba69f4b6af02d1a58f1c563495e8757eb620a38a07b36ad9a2ec5d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:29:17 GMT
x-content-type-options
nosniff
age
574018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5113
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 21:29:17 GMT
Text1.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame F682 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/Text1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f78dc703ae379aa7ec8fd6cf32ff98f12277b91fd61ecfaedcc14d555dcda2d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:16:30 GMT
x-content-type-options
nosniff
age
387585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6570
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Oct 2024 01:16:30 GMT
logo.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame F682 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Wed, 25 Oct 2023 12:56:15 GMT
BG.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame F682 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/BG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f489d03882e6550812ef9da530f3ee011423a0d85bb883b768783e3fc787743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 21:05:35 GMT
x-content-type-options
nosniff
age
143440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76412
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 21:05:35 GMT
CTA.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame 0683 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/CTA.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93dfc6ad110c1e68a28d173f3b7f1ec26c4e532b70411af7b4a4b7515e92a3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 14:26:43 GMT
x-content-type-options
nosniff
age
512972
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1400
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 14:26:43 GMT
Text3.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame 0683 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/Text3.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1116e4cc7ad958761e008cf397c29d52f8c17bbc4ec05ef0864450b867cfe330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 04:05:07 GMT
x-content-type-options
nosniff
age
550268
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1176
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 04:05:07 GMT
Text2.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame 0683 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/Text2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17f25ee6ba69f4b6af02d1a58f1c563495e8757eb620a38a07b36ad9a2ec5d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 18 Oct 2023 21:29:17 GMT
x-content-type-options
nosniff
age
574018
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5113
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Oct 2024 21:29:17 GMT
Text1.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame 0683 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/Text1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f78dc703ae379aa7ec8fd6cf32ff98f12277b91fd61ecfaedcc14d555dcda2d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Sat, 21 Oct 2023 01:16:30 GMT
x-content-type-options
nosniff
age
387585
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6570
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Oct 2024 01:16:30 GMT
logo.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame 0683 		43 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
expires
Wed, 25 Oct 2023 12:56:15 GMT
BG.png
s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/ Frame 0683 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/BG.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f489d03882e6550812ef9da530f3ee011423a0d85bb883b768783e3fc787743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 21:05:35 GMT
x-content-type-options
nosniff
age
143440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76412
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:34:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 21:05:35 GMT
CTA.png
s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/ Frame AB12 		1013 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/CTA.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
804ea29f89a4ee9ffd331228146f72ebcaf7b6a9b54bda69eba8664042b703d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 14:41:00 GMT
x-content-type-options
nosniff
age
80115
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1013
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Oct 2024 14:41:00 GMT
Text2.png
s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/ Frame AB12 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/Text2.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4dc6fee11e954ec8a8ee44c16262522fa640ca7c5c2217768730a63fc1834e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 00:05:52 GMT
x-content-type-options
nosniff
age
564623
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3616
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 00:05:52 GMT
Text3.png
s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/ Frame AB12 		825 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/Text3.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e0ca14217183069aad876d0c5b055c1f5d49c758d12cf4951253e7aaebc4109
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 18:09:08 GMT
x-content-type-options
nosniff
age
67627
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
825
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Oct 2024 18:09:08 GMT
Text1.png
s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/ Frame AB12 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/Text1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5cd3a54de349377b233cc931083c61ee36b0cd3871cce77d19e42995e03ec00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 22:11:11 GMT
x-content-type-options
nosniff
age
139504
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5041
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Oct 2024 22:11:11 GMT
logo.png
s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/ Frame AB12 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60a58b4987d5400aa0bcc73d4eb7cd581242080051488882c6449c2eac6d0da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 01:24:56 GMT
x-content-type-options
nosniff
age
559879
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2419
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 01:24:56 GMT
BG.png
s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/ Frame AB12 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/BG.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182548bdf4fecf5016a1af82aebe5af69f104448155895f260aff0625bb1f451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5842941359592361720/Fallback_MediumRectangle_SchuleundBildung_300_250/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Thu, 19 Oct 2023 08:28:14 GMT
x-content-type-options
nosniff
age
534481
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30844
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 12:25:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Oct 2024 08:28:14 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C7D2 		35 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=260596563719701&correlator=1788507652397113&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fif&npa=1&iu_parts=15764254%3A43010785%2Cplatform%2C6962%2C(s%3A6962)_(z%3A114914)_(wf%3A21935)_(b%3A101156)&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3D9bae96f02389768b%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MY0ZT7EmVEl6Q3B1fYN2Gx0pxkzaw&gpic=UID%3D00000ca401b85a5b%3AT%3D1698238569%3ART%3D1698238569%3AS%3DALNI_MYS-qgEfUnY1zM9uZTYvYve48tsTg&abxe=1&dt=1698238575474&adxs=985&adys=4534&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=nlgjxfj5ovmy&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nhd=1&url=https%3A%2F%2Fwww.zahav.ru%2F&top=www.zahav.ru&vis=1&psz=300x-1&msz=300x-1&fws=256&ohw=0&ea=0&ga_vid=1682251483.1698238568&ga_sid=1698238575&ga_hid=235717912&ga_fc=true&dlt=1698238572107&idt=2812&prev_scp=fi_group%3DG0%26fi_nohbfill%3Dfi_nohbfill%26fi_group_keys%3D%255Bobject%2520Object%255D&adks=2110998012&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aae17ed54715ee4ed0661ff7fd517caee68fce587880e75a6abfbcb4c425d7ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14429
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.zahav.ru
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C7D2 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8715083a2a168b3a2302f567b7edf3a33736e5375521b044b4b76384273359d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12207
x-xss-protection
0
container.html
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 37A0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:15 GMT
expires
Thu, 24 Oct 2024 12:56:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame C3D1 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?kKFz4g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40Dh5,pingTime:-10,time:2399,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698238575614%7C%7C0af24b788ea7a277998e2146163fb978%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7C0a9750745165b17b971572fbddee19f9%7C%7C5f49f98f7dd5097829323f4184c6efd3%7C%7C7b652743557ed63ea2eb754c14112fe4%7C%7C07c0b9afbe1b88bc6bff75391d13b1bc%7C%7Cb70367ac006c6341b2ff540316e45ee9%7C%7C1663701684,im:%7Bpci:%7Btdr:949%7D%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:15 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310180101&jk=1248847122225354&bg=!8vGl8b7NAAaMkNwkrJA7ADQBe5WfOPYLw8QlMD1GizWuVtNg7QOEbyR3YpUeGaWqlAJtQJ_qO51sHR16Fw5Lzh8EcFwOAgAADlVSAAAABmgBB5kCrDpSkruv3TwdS-cAWMrLHWRbM_t0A0_6uOZCeMi_OO2HTz0KMg-KMBMFXJChlHa2HX-lhVd695VlfkX8t9IcIBLmk08eVW0RvsBUQzT3DKam65XAJCFVPuhI9n6hlXDuqASekvWB2pkav4IiBHWRhjZO4MnrMgkwRX8Dpupk-InwkkgUMjVA02gQio2KmNhiZzU1V4vuVE9eLqq4AqMwmPYU_M7_Gse6eoawqiQ00sH6qhl5oBmTHWyxc45tTCzOnu4zkux0Vgy9FOhD9kXBPUfXLFhhM6RM-DlkqXgd0XJceOdyyT9DS47PMMT_JXVg_CVEQRFum5bQNSivV6GdRabU37xz4ZLwORH-hKVsRL9PG4El14URrBEBCWWNy1TEEqyHUKedcX6ofibFpnk1ARdxOUijLE-UMkPAeWODpo4p3uIhpR7diUsg6x7d8bHSx0Sum0WUoT8eI2R0itRWv5TAdCRGAoY2hfim2_lpbFb-DKh9k6Qtbi7DBBSNhSryq3Rehq4ADUC_8qqmA4U8WD46vHLczYbMDGwCObXz9sjMbu4BbF5C9imoWj8dUudtF3YL30XaOqWSa5_bKLLG149JBG8RY3MRviGEDYVWTqA3hFfcwQzcdQPLse8j5p03oYYixhuG1fRhwo2QQcf7EDhyw00ZbQwy4X58L8een7otT0EUjYzU-_puL2N887rG7stPoHXkAV0hQpAIUBQDsCe8RCFrcPYrLHdW-U4SZTP5wAlFIUr4IWuYqpmokH9tLV3wBYJ92CxLRxz19iqf99raOC4RBj7I4D3i4PZyOUkuPMAy9TPtWirdzKu-s64M20Uywj679vgSrxg7MHy_aesNglH0F3eRB_rqoN8RbS4XE-gZ1WsFHPiuMJzFg7lcSwrdDqlMy9VJPHV65w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BF49 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bTJm3Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
container.html
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9F04 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:15 GMT
expires
Thu, 24 Oct 2024 12:56:15 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
v1
cdn.firstimpression.io/habit/ Frame C7D2 		2 B
577 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/habit/v1
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/static/js/prebidamp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-54.prg50.r.cloudfront.net
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.zahav.ru/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Oct 2023 12:56:16 GMT
Access-Control-Request-Method
*
Via
1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PRG50-C1
Access-Control-Allow-Methods
OPTIONS, GET, POST
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.zahav.ru
X-Cache
Miss from cloudfront
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
2
X-Amz-Cf-Id
dSxCY7EzWNVxSWlwOUXOvvk3vpVyKkRMhaejS2MqE4PvK0cMqtyV3w==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C7D2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 25 Oct 2023 12:56:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 325E 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BR_ioaRA5Zb34HaSn3gODkKWgBQAAAAA4AeAEAg&bg=!9Pel97jNAAao7_3LiO87ADQBe5WfOKcYe7p_Y_ajz2VmGhRaVWi6a13NX0p_Rr8lomh2Nvqd62ONafusZFK-rkVaXzhMAgAABzhSAAAABGgBBwoAM8ANe-K184o6d1yy48ZBnj01V9pFHucMANB_dpBPFTSOQR7Ra9Xt9n5EzaeImwOuspmD-ZkC_ekiGCMNPaeMYaTVcnW7AbolRgAXNJzBNKMYbUqFaBJ3fe0JXW_x4hg4TcTcHA0YROLAz2tDihfwt3l_B2aEzUfsckpDKPfr_p5laxRRK3Viu5Y5y3d5DBoHiKVGV4zTW_bp8LFI1rp0NpIuF8lKMCbpq_hLSiQoLF15VX4sBRNd0W9-ewPjCgFqIUT6cjSs_oReg1bsb4l0z74wHbggV7uEmjEpxYKwc1evxSvT2e7XIyfTfQbMG0JYf0WHvMDg5osFDZjVprmBTClSFaFwKL7bmYKWxlp4AQUfvU2ST2cpWf8mEDZfdWrUkfxKE3a9W4XStBr2C_L24LT2ePxFxlSok7CzNvIQS4NYdNorHgVx-Fg9NYk4H-IsN0NaThxXvW6T7ycB2WmiV33i2duy8RMolpJEcKz4Ida2gxmDFs_hlR6p4KcScLoIj7c3ixsofvMXc6QhiI8FJInuSLLvs-s_QN0uAGMpk6Ov4A5T4AYFeyuMJ4jUAoM9bMwI3z6zfA43myDkPhZRNGy7Dm2WK9vBFG6jDGXRta8obqZF0B2BSrGD4clw85CPEBwtD00E8mAgZcQsbnsW1EjL0U17CbBlacCrYQ2mCNVcoDnNCSx19-2OKRsCWOctfxrVkBobYZdZ6NPJSOtSmDkQe-M6DQwIoeXRVkBF6gvYabhCjB3FzzOia5H2_s4CuWIwqpf_d_pbLTvnna9vV8eCLZPwhkzq-sbFoQf7C9bwYCuUicBg5rxIuEKc7Y72rflgbtrR70leW4jYEOOnCMILEib8ncF28btIp3NzY-g4YDvtSdywSqTmjYcQ9bTNbgtCJfgIq0QsTp9E4B2S1SQDBGec70e2GuVnLNFwWUwHfcjVaCIKY01wuGFADHHYhGRI7ozM2qvq_LHmCnvtXOidn0BybQFYKYxxF5UuqwdexZaZsDak55V152_Zdk1hUN4vyzfEs7ZNYUTwbrALI2CXT__uEmjZcwPPWfn50YBKREcSA8AZp0rNrkUoUpi2r9dpIw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 647C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=5cee9c66-dbc3-3802-a970-c2ef60fc148d&tv=%7Bc:s40Dr8,pingTime:-10,time:2984,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698238575614%7C%7C0af24b788ea7a277998e2146163fb978%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7C0a9750745165b17b971572fbddee19f9%7C%7C5f49f98f7dd5097829323f4184c6efd3%7C%7C7b652743557ed63ea2eb754c14112fe4%7C%7C07c0b9afbe1b88bc6bff75391d13b1bc%7C%7Cb70367ac006c6341b2ff540316e45ee9%7C%7C1663701684,im:%7Bpci:%7Btdr:873%7D%7D,sca:%7Bspg:7868040e-d754-930b-7304-6ac9459118ca%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40Drd,pingTime:-10,time:3040,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE4LjAuNTk5My44OCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1698238575614%7C%7C0af24b788ea7a277998e2146163fb978%7C%7Cafe098ab9930c31009b81b3a08e6b29a%7C%7C0a9750745165b17b971572fbddee19f9%7C%7C5f49f98f7dd5097829323f4184c6efd3%7C%7C7b652743557ed63ea2eb754c14112fe4%7C%7C07c0b9afbe1b88bc6bff75391d13b1bc%7C%7Cb70367ac006c6341b2ff540316e45ee9%7C%7C1663701684,im:%7Bpci:%7Btdr:584%7D%7D,sca:%7Bspg:7868040e-d754-930b-7304-6ac9459118ca%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 568E 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BebU1aRA5ZcX4HaSn3gODkKWgBQAAAAA4AeAEAg&bg=!3N-l35DNAAao7_3LiO87ADQBe5WfOOc_kX7SoTRFGhgtvwvnSABWJD7bZOr7KeQhRyb_RJYMrLK4zYGlFkAg4IYS-aheAgAABw9SAAAABmgBBwoADhG0vDhMUKGy5iZ8FhL-mQMRGVhwbcTTjLd9SEqAJcF_CxUE8oxsd6J9LdTtmwNolxcXplGxUPthHiXTPLJCXAbAFRyqtk3wRky21SIMBoaeM0WuAeqsFivj-C9dXiL6rPurn9rls6AyzWbZJgqcSNMLK5hEEeXeBpk5_8Ju9Ve1bEqFnGLJXuhLsnLovqhvyFfRZPUfR_0up306XV98LpsVVVHc7jRZ4AuP2bGGKPVnqe9YRavgTZqVTdtsp-uubgY_K_eoDANBjjETOTtkxjfDWBDnRM8Kgq-XIu7xgj0wjVboAMFp5S70u376eqBEVG0C0GyCsDdUQUbzYTj9Y2h8GPXEXsgYYcymesxaRxwAHVYKbgE08jQ2lCLPAc--YI4TuuzWM9m8LJ6QQWvuF883ArbbvHRpZYBweC4p2LXD42c1Ptx_KoUQZz5SGZgK5D-QN0G_FQ23_z4_dJBK2Vfa4RqFYrif0_MCw-WWXGhHHxZuulFBcmjhfW7irWvRt1hLI4lDOXmFr4rrm1CV38DEdz_C4VCyrGhjhfbDH_Ro5HFiXqo7jvWC5fnLlXC0qKEPKDC0QlTF4zYlu3AyjY8t4NI8QRIj828jKk_DrgZVdAPXpg4wdztnsphj7tkNtDg9kxSWAumuO2L7nyQTx6MUUkRNQp91PVyxA8tjv67IxpFxBBZDNP3YO2HEbS47DrIv9y9YFUHxc6g_nITVqvwDRsycH1qGSJ0EpA9j2xJVOdS4ok54pqQ00tOoO3q_iSlWw63I5LfHVVfdHtXHdfTCvHdLK1msuVXAiMwfnwNlVwe6jfBVAF2FOrnKrZGQO4Xdx2I3pvzCxqFi1kMF1wt9t4fqkpyHwp6DfKD3wEc5aRyoZg0Hh1dTxJ5jH87canOpxQrlVILnjIHpSoShz8dfQiUC8U2dmFy-_ig7ZslqzbUDbzJnM3F7vzm7tnybK_3w2lpUR5fM7BwU7zXXk5tUdCSr2YdVv7CasGbivvhRxMMMTEk32pVh5L99g6dvSMIBEMkmhI9qs5JZ91xt5AbDLvBovWy3U3GbclNP3jVQtNM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4EF7 		205 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Requested by
Host: 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
URL: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7263b3b4ed47729731b5fb49465dc396dd20e9e6763e08b6739af524e36ccb3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=fxwdX8zbF5zHnohX2GL3LRjjbX3NGSoiEI-P_IHc2FIQPpOuPJFono4gw5keXEtK9gtxBPEkwY2kPfiDB4hC1s9wABpEjYCK1WHYO-b0aOR84LdlH83pYy5q5yFZ5ng1utqIu7XAiXgy8FcP-1__paRvIDzOmrNV1ouVY6wgRGazxV1kRppLrWZ8ptKpL24IEbsCmtXKhZ-ubfab6r1CBPp8JRMeZvzg8rlo2Fjm69qsqItbpslxowl0AKw1aRTaX4KURA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
61243090
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 9F04 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/window_focus_fy2021.js
Requested by
Host: 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
URL: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
3132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 08 Nov 2023 12:04:04 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/ Frame 9F04 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231023/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
URL: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Tue, 24 Oct 2023 23:31:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
48298
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8426
x-xss-protection
0
server
cafe
etag
17696348727749479825
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 07 Nov 2023 23:31:18 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9F04 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
URL: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 06:34:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
454927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 19 Oct 2024 06:34:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9F04 		187 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
URL: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60190
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698060838547238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Oct 2023 12:56:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 647C 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2884053721026&version=m202309260101&ct=76&x=1&cor=2065509241962634800
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DCB2 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8440227604829&version=m202309260101&ct=76&x=1&cor=5437148198146637000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A78 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7240964500584&version=m202309260101&ct=76&x=1&cor=12541189012254687000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4EF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:16 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4EF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4EF7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 19 Oct 2024 12:56:16 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 4EF7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 19 Oct 2024 12:56:16 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4EF7 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=kEap5IB1yRHbmp7bDj-xD2pv8-FvO7sI2t--1kahUknEWzQRclWspH4S96Ao4fecWCLh7Bc-b9WDZpjQZRfi9Ud_JoXmwvQvyzUjKTzOmXVtHf1nHJOnwD0TXpWkuP141-iKbML3ZYJJCOYP7lLL-XQNFg8xB51XQN_BVADIRjPWwLZuMaGZpwv_C2Wy8aCFspp6gcBSlzTp35vKaZCGqEc0P_L62TnNozI83aP58JKg0LgZoyT0qXmVt1xiYeBGn4Qjd5AW8asLR1ZaSMXUOMleOYmp1EsxbDO9Om6uIp9zz9inWDSsZ3r8ivgUEdPgcyA-chQFiRqtcH0KV0VlDsuPJgzl0IABrX-U5XkgYtX94BM-6qvh6J9PPTRBqpZ6nbnuMfEV7Kkk371XPLyNh1w9mZ7ZPhs5fdLiQLyUZuVK1qyq
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2264710
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DA1 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9503094467259&version=m202309260101&ct=77&x=1&cor=12028398269549883000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F51A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1659
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:28:37 GMT
expires
Thu, 24 Oct 2024 12:28:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BC9B 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3cbae1ae73ad743ec759b0d6f8ba74aea6bdf3f9225bcc4269ff201f9b7d665e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p460sGJVeCPCXj1Nj9l1Qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zahav.ru/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-p460sGJVeCPCXj1Nj9l1Qg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 25 Oct 2023 12:56:16 GMT
expires
Wed, 25 Oct 2023 12:56:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA88 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BOxFXaRA5ZcH4HaSn3gODkKWgBQAAAAA4AeAEAg&bg=!KyilKGfNAAao7_3LiO87ADQBe5WfOBVOUYSLuHyxGBN5h03bHJr5o51Sa8H7WlEX5_0qWFdPFmwStcFKaWD6zVJ8oZxxAgAACOJSAAAAC2gBB5kDAHDkZhuZrmwsju_s1qUqwQ6imQWt9rDBwUZnIxC8ojL37ySHGWwF2_r1CESN_J-_AcTNdmqqWM0xkssUq6SIJ-z1ZZau8YCIstaZGmZd_yNJoztTgTdqaZ--aNYJ422I3UZ3pVUd28utADm9OyQ0IwLOmh0H3bvA4XsR9PPWjFJS9zqJf9TBqaxiCq0T7TLVnYF4uJf1FGiaeyByf5inCOIdT518Z5Yy81d7xBwhCRsAgVEChMYDhFOSYoFGRMjN_Icad0AaV7wa4O5wjX9GryGbNoNMQVrWrNWv1ZNyCXPQKh1XDvBlNtg5UfAH6BZ_alVXwEUUA_20sZq0nz_-Xgb1vtQKoGw0gdi_SKVHhad8uWUwySJl6mJSJH3jTayyfDKgedDhoW6fvL47QexfuIIL5LIm9WlwdfgJuipHIBIteCxpxf8c6dQGTyIxexf3GfatXRmA8BlW3fsXWPSprK_0LeDd3VUBpE7wPGahdZu3w6Tp-CSkKSMRAM0pEBFslmOJLSPl0USTJX7SLqHFCOqt4L704hMuwrFSgfyaDgwFjf--xHdCaohQpJXGnCyGvEaALHmHg_BJPY84V4b-ImER3iM84n7BEyErNioUgMa6mqOe1Gsb11KAgELTf3oCSEFShpEbFt8OJIdnTXiqODDssauX9hzmN8Dn5v8bx0OTaK2a6UiE8ZWFs-OM_02v-i7V7jTWsYbHVQFpjuTSyIhTNGC2qqnPAN0uYQmmn6sTqW5gcwZAElYM59R-Bjozwxjn_D2sqyAOiUt_LjRfV9bAE9fj2vRy7uqw1jUT36PJW4PKL5wBOhsaIGjvbOQzKiRu44g5PEDST5Vq02p4IQu2AVgv0LFQ_Tv9CukV-hSq0QDE11PpIyzhrXzSPrlWLUEPOK5UxL0Hvh6RCBxIAPokq6Hy0FYQRZ_x4LjH0MY2X76Z2cbQtnqLGWiOigEXzodrPH81awcMBnyhXZez-9tr7kMrglKrFs6H5hSFGSZbkqeEby7bJpJJU9-btbN0NA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4EF7 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
758293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWkqO7%2FYNs8VRBF9ABSViMbVlR98Kw%2BREGsi9dZZWBmSKrbIVIWWNfLzquBMBJAnh%2BWW4JoPnqQ6I9n%2Bys%2BUTOuNy7zlUD7dzWlDL0dIAj63TOUv9y0%2Bov9i%2BV8h2kFmUVSAhO2cSzFK2u9lo3cHq0Zh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
81ba9e61de8a5d3a-FRA
expires
Mon, 14 Oct 2024 12:56:16 GMT
animejs.js
static.criteo.net/animejs/ Frame 4EF7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 49FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310240101&jk=2235481794031604&bg=!trWltfrNAAaMkNwkrJA7ADQBe5WfOOqg0BR7DX3AFYWfwfXUMpDM5e_kI6oEUgwtH2wGOtPQjGJXqGBO7HAZqrOaG8jiAgAABw1SAAAABWgBBwoAkXBoaREqhWZfJoglyyu53dSlCiWs3Cy1pzUjYG5rNKVFI-rgVp6L1GBgw5wdS283M6cdyUa3fmR-stXeQ_yosRceBB6Tl6nyWy6fS4bEvvsEkaJA84_PwVZDtIFF3iVbmN8BU0QpgZxiPgy0dcBV6lSzqJuflYbD2VDAtaLxrqwgt5a2BcAO9hzKz3HnWTMpCXWZAs6pXgncK-0eX7VmObJItO-T5GqgQebx2cBlZqcvDUk8sQ7GXfS60lnidQ7oQ4vdkfGoYbyFpIzv_QQwSox5r7oQuKf6z5kSCjy5GzeyNJoyMqK-qlYi9PfB_fdz16F7O3MwQ4vaDaKrkvgVCBVDWvRzgrW4yd7ZG_LqRzfnKi8t_44wrhR_X2_CceYOFgVdwshZhlQMJe43Tvx8f40rJMKjng6d1eWdAinEWLrtMgMlzI9kGbOUtfeGcfWMwqC3evysb3tVA0XvVAzB3Jq-EpesSvnd5nMvseS76BFNgIT6hj60FtSDqrIRqAr06wcU3Xw-hQJAExotkC0jdMmU6Mg3usUpJ1uFBGn10hFEUmF50sB7lCpDuDrtaNd9zK7CtTlQ7v8E7NtajADQdxHSugItP32OYnzu5ykIj1DhdVbvk1RSos-CeAksSEFs9PhlMjKwfpvshsAWbZakufgaGingJmBoq4VIc-G-lVXj5a8fcesVfU9_ElfyuvB-IHlKhNzSGLVxadMY4bTv2kL82LOoij4qaNCSowcD_vltcr-LpSbRadzB9EQGsoBcYs92dlsS5yc_x-pbTV1ZMmFmOEvbcat0Caq3MF0N3om_aix9xhoawWF-1mjM8JoxtYQoGBhPx_Ad15p2vtM0wdB5BHOxcpDVBTjMH1p3UPY3zTm9iRewZ_uy_lDWwVayMti-NsKEeeFRHW21PNldAkS8F_0SfzubtlycOckL0s-Qah4PS3Ls93-QNAK7seGPVfA9QKaiiarsfGwsDiA9zHyn534eXIU0VIjHAa89rIlB1OsH3yD78avXl16k2kKl55DNEu6hJmzMJpFwIhthFWM55-8wRsCstTWn3WUhIElMwv3UZFngFfJ0aFDs0qJR-Hf3lJvL6MLIcV5_RH074RidnHVgSIUN7jLUOuNIL2kN8ZtHKJLSLx97YLPgYCaXEAkU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=268&m=0&partner=19891&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19891%2F211013%2F4295040744c04f918dc6e4c60c821a46_wlw_logo_100p_rgb_claim_down--1200dpi.png&v=3&w=596&rid=4&s=HWD4A-zx6yFnH3_iiW9kH7Cj
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8618de4b08e95c0adb71ff82f37f57b8b6d94576d46990773ed1a782585e0fcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
38469
expires
Thu, 03 Oct 2024 06:55:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F1%2F989%2F02%2Ff3%2F98902f358e0f345262b9bb48979707d740b700593af51c80690dbe3934fcd150.png%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=_x0KT-tiXPZtm-Ko1sFb9hOc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f861d5bcbc15a01cc2ba0e17b8766a8712464d894ff3d6bd56f7ffe263a0c98f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
23049
expires
Wed, 02 Oct 2024 06:22:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F4%2F494%2Fb1%2F58%2F494b158d813e1a7e2a1d549ea3cf0d218fed067b69b2af67b919fac5734b23c0.png%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=7hkbbTFg3LDutR00Bc_r_IIc&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
92682f44d3bd2b5f569eb46a36ce6420db5e9075c1977d0f1a5590a7acbc8339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
15893
expires
Fri, 04 Oct 2024 14:44:00 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F7%2Fffe%2F23%2F8a%2Fffe238a7052e4734cbe36c21a9fb41c5bc7099eee1bb7567e9a24a9ae1608ba6.png%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=F57mkugSjg97Qtj3xESY79KB&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
57a428053429128ed81e3aac6007acd4a04fbd9cf37700170a4573b984b43189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
36375
expires
Tue, 08 Oct 2024 04:11:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F5%2Fd14%2F99%2F0f%2Fd14990f89094071ba8d72c4a4f71a4e812790cf074f1250ad3f6bb0e25196a64.jpg%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=YvVqYSG8qSj5tuvXHohCmDM-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
85ba31fd35fbbc35097d2ba1b684761f458cd6b36d6bb66ca3197e280ea037e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6226
expires
Tue, 17 Sep 2024 09:06:12 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F0%2F8ff%2Ff4%2Fc5%2F8fff4c57b984572d3012365d541197816f8ed1064429d3fba434152f5480b8c8.jpg%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=Phicrhp8pQSibEzHhOxhUUmH&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e0f3c9a6b77b3794c51fdc76582138a07e4d9cd60109a7bb483a6b07bd7ae681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4416
expires
Sun, 13 Oct 2024 01:28:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F5%2F5e3%2F5a%2Fd8%2F5e35ad8b9033dea097e8929c565ec4a8ab1a39550a6c8237a6070032057ed55e.png%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=WrZnlUsrPxiVeUrTKLwrjdon&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
bbe0f0802e8fc34a84bab940521a1d7a7764079ac32b4dca16149480ba48c5a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
21644
expires
Wed, 02 Oct 2024 08:42:58 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F0%2F8ce%2F6b%2F85%2F8ce6b85191cfdc2979000ac8ef064c3ecffec4044658b4448c7ee022b35a10b8.png%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=iCKMD_enzMK65RJHzT515-BF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
763cd0761b62739bfd6d1a7691912a5df24ffa75aeccc8a359b1a18d1e10c374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
13777
expires
Sat, 19 Oct 2024 04:39:47 GMT
img
imageproxy.eu.criteo.net/img/ Frame 4EF7 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=19891&q=80&r=0&u=https%3A%2F%2Fmedia.visable.com%2Fhttps%3A%2F%2Fd18yn9dcojt05d.cloudfront.net%2Fmedia%2Ffiles%2Fproduct%2F6%2Fefb%2Fd2%2F6f%2Fefbd26f7fa306dd2f1998b3f9a94d58ecd28fa9cd6e8ecfc05a584078aea9787.jpg%3Fw%3D240%26h%3D180&v=3&w=800&rid=4&s=yIwOILBLkhwAUU4QcrPt2FEC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
86a31713dbec777bafe8b67fd981ce6a4532cd2d1d08426b98f540a99383d1a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4710
expires
Wed, 02 Oct 2024 07:36:54 GMT
all
csm.eu.criteo.net/ Frame 4EF7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fxwdX8zbF5zHnohX2GL3LRjjbX3NGSoiEI-P_IHc2FIQPpOuPJFono4gw5keXEtK9gtxBPEkwY2kPfiDB4hC1s9wABpEjYCK1WHYO-b0aOR84LdlH83pYy5q5yFZ5ng1utqIu7XAiXgy8FcP-1__paRvIDzOmrNV1ouVY6wgRGazxV1kRppLrWZ8ptKpL24IEbsCmtXKhZ-ubfab6r1CBPp8JRMeZvzg8rlo2Fjm69qsqItbpslxowl0AKw1aRTaX4KURA&sds=2&rev=89023&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:16 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4EF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:17 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4EF7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:17 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2ED2 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=784066131419&version=m202309260101&ct=77&x=1&cor=8267670395138575000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40DEH,pingTime:1,time:3863,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:709%7D,%7Bpiv:100,vs:i,r:,t:2681%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1182,o:2681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:709,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2087~0,0~100%5D,as:%5B2087~300.600%5D%7D%7D,%7Bsl:i,t:2681,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1182~100%5D,as:%5B1182~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:462,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:711,sis:1739%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40DEH,pingTime:1,time:3863,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:709%7D,%7Bpiv:100,vs:i,r:,t:2681%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1182,o:2681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:709,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2087~0,0~100%5D,as:%5B2087~300.600%5D%7D%7D,%7Bsl:i,t:2681,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1182~100%5D,as:%5B1182~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:462,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:711,sis:1739%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 647C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=5cee9c66-dbc3-3802-a970-c2ef60fc148d&tv=%7Bc:s40DEI,pingTime:1,time:3826,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:753%7D,%7Bpiv:56,vs:pp,r:,t:2644%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2644,n:0,pp:1182,pm:0%7D,slEvents:%5B%7Bsl:o,t:753,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1916~0,0~50%5D,as:%5B1916~300.250%5D%7D%7D,%7Bsl:pp,t:2644,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:56,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1183~50%5D,as:%5B1183~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:408,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h*.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:754,sis:1714%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40DEK,pingTime:1,time:3879,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1009%7D,%7Bpiv:100,vs:i,r:,t:2696%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1183,o:2696,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1008,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1716~0,0~100%5D,as:%5B1716~300.600%5D%7D%7D,%7Bsl:i,t:2696,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1183~100%5D,as:%5B1183~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:403,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1010,sis:1878%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40DEK,pingTime:1,time:3879,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1009%7D,%7Bpiv:100,vs:i,r:,t:2696%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1183,o:2696,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1008,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1716~0,0~100%5D,as:%5B1716~300.600%5D%7D%7D,%7Bsl:i,t:2696,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1184~100%5D,as:%5B1184~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:403,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1010,sis:1878%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame 9F04 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69a0b320e5b31f7f7064e40e0f9063659b0468371283ec6eb8fc08a24bd501d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame DEE8 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BL-FwaxA5Zc7JN7SejuwP3aKL0AoAAAAAOAHgBAI&bg=!i4iliMfNAAao7_3LiO87ADQBe5WfOMvjpkKIuLESSzVpJe4mI-CIzGFFVsLm1cIM10zmVuLDy3_FGmBQlXP48DuTJCvJAgAACB9SAAAABWgBB5kDEk48Ek4tp2wH-RUPslxoJwnv28jWrF475AxMI7b012yvFWK8KkbkLvs0h5ike9pN8mDDEswP1R7rnSq0zP80-Ob8dISapYzp5t8HqG5_SQtfn8PpKux3oDZjP6vfNQZe0wRdDMjgwXI6G_x_y9c1hy548s4Rn61hxh16xEsO87048vYYxASDUldv3_oHq6G-t_g1OKmkP2d44Q_yHpjdoQYZdWiPsfyseMMupqaHyqZjLs6NP3_JgTN-cUCgtFuvB-Quqj-R0ztl3GMXbjEkWucsKhQb5zDeE6BpTIDculGIBkh3hJM7YD5N5DvtJnraJkc9fv1qWtR217jCaLh2xOTAP3psORs-dgU2BpfiakFQ07mJS6A7TuVnQQzPvjfyEo_E21tk95sKj56A9V4DBHH6gHyJgCm2A6KWnUhN_MW_uBBkyPDFuZT8mJcHQtW276lGAUmf1ymtzn2HsZ66ZDpOCgmNm9_ffPYLUE6P3s9oaMnfNyFrggv_WccNqmw249hRWRx-H9M9GgnEbgQDliN75MDzUUfV5qXsGA77ecMrrE4GgnaHv_GJ_GXBtVlyjxb8oTey3ClxFQwpdM0CKpoS045Z1ngww4CA40siOXSmCA0I5gdfVW7GfhSiW5b7McAt3goqhV8ZE1xeQZeqewxfP4HpzapMt8b_z9DlopScAUFmux1vTFV0HP-ilTRHNMNhh3MOKr6mIURbv0MoLzW4-Xy7Fk4iB3sKLtGP_uJSjyubruGYNn2q23cJuWmhgohAYk_ERXweDwPZCBMihZMnX1h2OqMwi2rSVXdb7K7Hkm7dZRuxJaUIrtAd8yJ1g2H1xMFvDP7Fq6B7s9SsXHhHjI_LAQSi5bIw4pkA5VQsdL2AIB2SswSWyqcJxXoYnfuulLIK9Tx05YGaHp_NySJ-8wnuPoVdpfF9PtiI8fWhlraGqm11Tmga7NDwDftvvRf51lDkrWZXqZ514XBAALKMwlnQBR1UJ4mJsuIJy02vaxKrrQEIq4QyEYruNNDefbnMtqTsDOds4eZXJSdaXku0lA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BC9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310190101&jk=260596563719701&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7505 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BlXuvaxA5ZcW5M_Ct9u8P6YyygAcAAAAAOAHgBAI&bg=!39yl3JPNAAao7_3LiO87ADQBe5WfOBRZyyk84jhqT31mHmM8fk5FZs8t2-Nv9aFDo5gVY4KvdsCpJpKsEOrMMKnF-BekAgAABzdSAAAABGgBB5kDA0FPSx3qxQg4M4xOrr_t3tmTXIivM3aRoEZ3p_waK7N28HbrEsRuN6P68TL24k141aHBJ8cSyxq2nABRrv0CgVN1GjlUBCMlsETVupWZ5iC599ryczDBtinCpZnLXk9TrupWVu6zdf9BzuoYsOJ-yF0_AXIF4xkyHr8_WvgX66Y3P0PyuWLep9RZZ-HBTGe8LTlwFj2x2nd_fcqEUJFnicsc1oOVEMenvHYuNgmRo8N4dr2wZEncWLGebih1dGxRywguJc2ylav7Ot_T6iBMAM-IpCGVrvmsvKqSd-4JI6DllAgRfh11alZfKk9cgIfzRkmksR4q4ZBX5pwP_uJfiyUzNPVLCdMRlgnzgZnlcVs9pE1mX3Ba4e0ryAaNUyzBAZhFCuRddrdmS2XFaZz-43lMNdwisNmMeZd6sJIad6JuY102I2Uhd-XmlHf8JimjGom6IeWaCfN6ayiRJCWIzJEH-w5FTS7QN-o9Li4zy4kabh9zPgW6GB7fRQuj4jqqNJEoruUs1GyddW8Gjd2oTJ6TPa3rUqMYgdH_m6jU50NLULvO5bVQy4NBmiN9gpQIxF5Qw_7emu9vs7gqlcVAs98oQh5H6EFxhnw-Nb5x84hsZO3arKvn--dazL_4Yjg8WmumdG3_Ak4Gw04LVdTtu6EoJl42SM8UY23Nsf1glI66_mUY7bYqS1OPiGCF_0fKMs5g6PZoGp_mZhvXdF7B8EZukoRQHsrxRjDGakbviB42hN4_D5XIgNMJXcujliIarAV3R4ORdpiqIlNys9woZE3bmAwdcP-YoyTgqaOCF4szm1aILQO1n9oSAchMrlcBgUeLmJK4wtKbB7P03HMR2RA6PJ-ENxQXuUJTQFe5_BQNY1Q-MiITRmczFTZFCJRc2vvZVjKhR3vH4fgko3LEIwRyQRWfo0kywSDq8UL82xNn7KhLGf8XiCAS5YC0MvSk63VLGp_zzBCEF6C75Q2opmHrak8zxJz_WS4Q8ccJtxZgwmvEj8dBaHpyy7OOF1mpgWxatQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 46A4 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B96sBaxA5ZcbfNJ2k9u8PkcmMgA8AAAAAOAHgBAI&bg=!-vml-bbNAAao7_3LiO87ADQBe5WfOE5_51bIg41l1XBO_tgSxNg9GeT7KUGx5tr00yfCiSu5sWXsW-xmypwrYkqtskxAAgAAB2pSAAAAA2gBB5kDBKB0smA2c29V-2BwE-2MHThCZfSRLK45T7Y8IV69Kzvi1N8So3LHXO3fR6WAYM0MdOQz0DBaqAI6OABGEy3ev6INpIxtAZl9QymD-h5t23ucSS3oU0U3ajZEotxQuxAF5VoXiWtojcagUHMvlGek9lXptqrdggq5AtHvMCVBz5Q5arHb7xD1sLTt9xtnWbnPjM5rMIK_Npaxdsp5lAi95hyMZOkaQKbLziPtl2bgqKQq8NM-EqM_v8OF7PBq1r4mojT8QXcXbn77p1kqFa1v1BQ5ViowSFYLta0XbvdFo4VM56qNgDl452M8B7IbzRnYwbOCLN0_gwX-TVuUguhcHJgD_E0wIagRLdMNCUPRdMamVa6ISjHIPRZ08ni9vuxF2jvWDS6RHqeSmajJOisCYXKbb5ww6xdLsNodosEk_Fx5E1d5ymh7mhCid6CokFioj-hVdYFnaCyzdxCmKMwper8CV-rhYYcWkb8M-eXiaEdkecHPb5rI64z2WKBre_hmmoSjQO1VVbNkCX5AcSiCvCYVVXCEn6MRN113cr71rEdqOZSbriZu-s1Ou0YDQXhm4s9pvXTgYZrdvnCV-zk1WRls6MZZxlqn1O5h3pQK_nPf1kpgaSpDEWnnLU6564FUc0SYt9fw0ZxRYdYxRr_5-neNGMF6T7e-9UgWQF6FyUhfXQOy4jhVtesM1ftdHGfL6o3mvY_DhyrSqC9WARqbq57nu4viu589avM-NEKuxHja8mW_ydaGZkCxOJhy-4Hg36XAQenBjx18ofVepGjZXZd5VRAzzYBcpdlBttbahJg4Svso1zmMbWZr0HkUhwDODiw2se-M9BFOdkb1Pe4cnN2YODW9CKUhLQVhwPuwe-4aFDLvK3RdSB6gjhyOE-Y-6ADqsaKyFxhRCyGuB3g8iZHYQl1EJs8vSKGLP57qq8kWBeIxIEdyJGYTX8WAmLTYOud120EBj0Uh9uWC7oxUd1ScC0dWTt1R4YWb-X2eLB2By5U_V-LvmGBPhPw0S_cXvlb2w-Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 4EF7 		2 KB
854 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:04 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1e0-8a8"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:17 GMT
nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
pagead2.googlesyndication.com/bg/ Frame F51A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nTQUR4KHlv49nBPfQffhBm9MtHMFcf5hwb1qyN9-gvo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
3274
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15187
x-xss-protection
0
last-modified
Tue, 17 Oct 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 12:01:43 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BEAA 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BEsnPaxA5ZfzhN4HLx_AP8aWLqAUAAAAAOAHgBAI&bg=!FRalFlnNAAao7_3LiO87ADQBe5WfOJLw-X5soeYM-Ru148Z8vUopkCAizVxQJgt1SYaCRCSNeG1eXKWP6Y1Ynuq2gHxzAgAACQdSAAAABGgBB5kDCeaGOfnhL4Xbtr1hk1LW6aBv7ipJwWI9Jhq14wG7M9jYvgDrGlg41o4sJETVoOd2osi2KrSMTqDDPHmfTsvkYyorgGVgi67MGx6xyLyo4GQrwE_Lj32tnCCpSg6fCQZKKykTrAEK8xfVJpKidREAmUwGosTWvPwrt7VxHatFoXLnqKwQfjSRBJ4yBSc8XPuKYkbU-OwCu-Qea-ayn6f-ANyS24KD0QmMFPUzwY8hesqpvb7RahKfCaNUbDsNBFjZMXYq_DNTyAVjOYinFkdr8g5Eki-D8WZV8OsNMU6LKEifWUTwEFZELphDtvvddS5TBuyj0IT58RJXjyuYUzSuxSb3K5FlxecBQPNzV0rS-ZLxAKmqspv1ZuFSSMhdBOnM2UyYCjR7Pl3eXPJ76loA8spFIETMHIsphkhUybjg0z1FMadkC2nkbCnxvqUGVHzTvzNfU8wi8iDwKYFHBwzL7S8uZPok72jpZUdu2r0t4llFCYE2nEyVvaojSPdr-ZVo3o63M7Kf6k7GrFvDcFQ_ez2j_XENofDdG4-fK2SjE_R1wssC8EZJrrPj49xv1nNmNawf0uf803SPa9k7dclEfwGExitGFcFohohrz9OOuSJeHNy_psrTGHEawTPsS3Z89QMTU4Z7u6GB75nJnqcVkHInCLOfae70biQ88_nSsC-cDuURVKEbNeXc-LZOm3ou7xLFFyDm8fvb8VANSDbULUxUsbt7mzz2XlQR_FeCbRtatN5LJrqmiS_V-IF4CPGRQHKbAqvHon85UiywbQOvcZP5gMnMSZ3-69q-Bqzsia5rlWB_1gJwy3V5ojng52_qc3eHotjsEIFVUYpAjb8QYK_mPmGQZj8sLVpQhqQ4XxbCbLPrJrB5V_p3ZoGwrAW_UYA6qgVcZsUrSUY82LLvO8eCBXd9UmqkQQCD2imTxodxLJkw9LRwvxj0jkyWWjOjn0YOPi9ErnGgtUrmpNFJsxici2J5fdW5jHt5HRU4bOVY317ps_FC0R-Y7Q-G2uY2Z0QilUHBWUgKSQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 4EF7 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:17 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:17:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f1df-32ec"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Oct 2024 12:56:17 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9F04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CQS5KbxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTEAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsqMo97oW_WqpQLgVVF4rvnzOkVzpv3MC5nP-62-VnLOAY0sjtx2xuAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM2MjIxNTY0MDUzMTMwNjMY1tUR&sigh=-7sOSe7GRXQ&uach_m=[UACH]&cid=CAQSPADICaaN3CnibWyOuRg9AOMEB2dpPvnSAxQNCYzETN7I9uyHUEtRPdZsGKn5WlpmdwI0oF49zadjLNRqwBgB&cbvp=2&vis=1
Requested by
Host: 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
URL: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 9F04 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k5CzEZWYY6wC2ASdg2ICAgAAAIa3FT_jkk6PttfnSAk5jtsQbhA5Zef79cCqwjMRdEUAABIAAAoKQVFVQkR3RUJEdw&wp=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&cbvp=2
Requested by
Host: 9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
URL: https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:17 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
155951
server
Kestrel
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 790F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310180101&jk=1213991514968399&bg=!hoWlhcrNAAaMkNwkrJA7ADQBe5WfOGtRwWLRm91ThTQyxSXrwr5gy2CffAmWDx6Tmin9nK0zdljWDQ_6liJDN-Pxe--tAgAAB9VSAAAAB2gBB5kCx3BxQ9AxVy_VzO6G9PqmGJSr8YfqiYZEsuVW0YBvZf7P-O0LRIyiPPZ-U0LRZuoM6ACj-FtwRp8gfZWsmadzY4Ne2wWXyvjEI1Ww5c03_Wid_gHaDhnTExk17psXPIjaOuda5G22AHFMrbQWyp-AEkJzRZXeEmZ7s8aLDkQC0QCSJGgyv-raXXNqBwGWkGJI2zgcD0IcU5mmwJV4K9R3OhI1IJ3P3j7YUfDtOOtDEDNE4h7R-m6bH-tC91P5TDNnZwJy8_ZXJKH_e0PoBzum2WJCqQs_nO8dFFmKXHf84iibby1zJbp1FHB9FJHZTC3uZsbj0CmIiqk2qNayz08Q_BEhTzW_HRiySp0sYmxUfqW-OZ3MQ13OqUZ4wcJEN_jYPtDHxc1rI_MFJiR20uOfVrZBfFvS1qwfnjfkJX0RkAjjmxDVhlu_JRvmdcK-eUUT9Jqd5aKfcXEfrQlKzU4j2pTHS3i75JVbk9-rDTPoyJWe-A_GX61KmPpC50EyW6IPyxvRSRcXAi_GDTkmHmbzjMo9OvHu0sRolQLc1FBiq7SMJ42YIiswBNA5sYzGYfU8YmbQV_9BSADoztHGuOxr1q2K7koYklQXAn4Q35iG0eOVHtpCJKeflG7BChFAz8R3-d2xVVMBKgPLF31xhyAhQ9OPIzPT1kYOaP3nZsKn6cR3n1vOODRRMjStxpUuMjpfuFFaPkX9JZ9CAxP4_B5Z_Jovq5YYPStczQojmQ9ZDh3N5marh4NzWejeALckOGM0sjaIt96q-3sKwOVpmX78woRj851LEyo6O3DOzGv8IeFojQCsnR8tCrronwLFNPrSjD3G7yI1rYqBsZxePyc3yWHj64WGtFCXl6yQ7PGMLBs_IqcFD_e6nIN7W95rVm-y_yr3xIbs2aCkoEmHMDv6sHZBpNdX7bcPF6D2bPNFenLOFYfxY9RiNQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DD2 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bp818axA5ZdKyLszC9u8P3K6I4AcAAAAAOAHgBAI&bg=!SEulSwTNAAao7_3LiO87ADQBe5WfOBkx4dAJdeOVhROyPCB9FRcjcIBC1qg8IOflKTA8m4G4OuWMdYkgaW_ER6z6Rz0rAgAACEZSAAAABWgBB5kDEaygQN7I3XYeQ8eos9pfj4ABjfGAhEfQM6DURiY_b_slQw3bym7Ue3xGWmZ71ltisixFcM9H9c0FQqOa9yXkcYjLbrMvnKMvKfKfw8AJGAedmoi9TnlPyuRz8Tg5EZO6H5aq81btsvhxsSROKFHj2EYFyiwRaLql1qfTm0ZzeDVwqrCLFnPUj_CovWO9tBqw0XvLslIsZBN2vRYD49LQUfHP8eiSnyLvWBEMxajkvkDInRAJ5Tx9coQdIICvS59SO7oOjZcz5fFdGeOOXN7-69AMqMQzxSIlZzOOIlBjUqY2Gmw-FUFdttPJy3cnK3Fh2jhq-R0LzGrFt-ZiLlN89_p75rpXNtIS9bPn0c-BDDhOVR4VCNw2PXO2doYSump9o2dcJBMbQCdDURYN7WOOZJmxcit-_cmE7w4dT7G08gwqLf9YeS-i2SIa-qLJ4ZR3xMvjP2ij6GMB3Gjd24tmmu10PDq9-SZa9QDhZwrRGTnBAthHPxDzC6FdSRrhbEfocKiLfp_SB1nGhim6xCRnK0hVKfgipdKmSWH5nuHJd2JzArVEJoqbeNupQiZ-el5gl0oAPdy06zlH8l8g5AqR1y0eLMfgIWS4mdU54f1LikfvpFzDNugDrXH6H5_DpwALf2K6JtkenLrIVKbid1YjHy_L2WM_cA7JYDLud9uNiXSQW_dWew8FsO1k1jNfEo0Ik1JhB3tTc_FtQbilsv-ST2ex-XopXt7Xbc0PqCSEmpA94kk29yoqXbVhb8agWGfTWL4F4GD4jSlZKLOdmw6kri0uUJJqZY4nXG6E1gkTMQcfXSfEffDz63sygQTNGTjsaEYx8xjyOv3Ws4zpfLFijGbX4poib6ibWf4FAbKgFsBZ9qeP05JT2CW-6l1fPehOC_a7IN6JgNhLkxn-3kmY-nByKS9yiaN9UNIw8GuViM6UWTRfFSoSpXq4zFf0C8W7n3rqEiEqr4liboeeQ6glcWoy2d2fAdK0iKokB7B1VxVM1BZUq8CdeRiQlwyf09XXI_3tzPmNO955QwuRKxdLRO2Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F51A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TZnxNA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 12:56:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C7D2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310190101&jk=260596563719701&bg=!r6ylrOPNAAaMkNwkrJA7ADQBe5WfOIuhNzbiTJtigjldIkVOFvjaERQiB9-g7nOYBNm4v3dc7_ZIO_NeSRxhYIDYvPRLAgAAAPhSAAAABWgBB5kCzEaa86hnGDpo4ybTIx5L2Ttcql0u5msTLntp3ZwGOTrKYcwkpT7npBuLxHlJzyVUTcbRvUvVUXez9dE3SZZXF33hAXqTWuXIl_SVaUiMMARyRwJcXZX9qyTISrvi_5otJON2gxrhxYTK8XHmxvycpG6Sf0GtSqVvex0CFA8nfTRImsfBHS4s_EfHgyp2EsQwDLbj1BF-ZdWGu1qZmoX1Ls2tHhsNil6ugtLyPGC8NvQv2gWe3MfKZOlZUojdpW-TQyzrnie-r6uxgAacg-JwvMn5Ydmaesdk0687xy5oQlxFr6bZklM11EYiV9ZnG5znmgkfkoDShyoN_53baXI_R5oZAMMayFTSivsUuNLob6gzjOpUP7LIaPrOkVDKiIstRUHWjyoB4Gc4E7mo2usZI25LZj8qtvpmQqvRjGbmdTP_5a54Uzv0Bncchjadd67LG7sumFcP5T_DSHnU_DcVN13vCVDwyqR6FvjP5hsZOdlb-sYisDNMl9Jfo_Jrei4Adz4tuemo8ppGaHOJpqqRRk55Xo0E-OtmLkRhaLWQMxw5iVwjYWiRylrXz4rLKyWTdz6l7gTuC7k7nM9Wvh0GcaP95DiN7smh96IEE0qXL-x6aTsJfvns5e3JcqxyJ-6J5mxJBA1o0R-MlFhF30E2xjszFTJuOczbQq9z-aO8IhBUepLcAW6ADQKw61BCkDNbIZIfc5q6dF_HXQcir9JJ1Jr0IgiUVavT_Gf_K4DaXFU_CQD638rph--YXoppnpMRoPFHRW9YXxCzuToXMslxXp0_Z2BZS2LLR8iK3k_0HZoE1TWsQovIMrVQ01KuekkJbez3FLiSJvXkHoCew-4qo6IVoQgZXbQ7lmhvfTf8dk_yWibPooBXs3Aao12YqcvtIk06TH5w9p55G5GABAy5PLV-JCfp-CJaJvw8ppmfXmGA3ACCfTGp0KDIa954
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers
all
csm.eu.criteo.net/ Frame 54AD 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=XeRUzMzbF5zHnohXU3xdArR0Z9PDMHvUxQZj4GxRmqjH02qdHk_thYuY0JOSrHhs4VANH2e6daH-zyDIRcbAkOvSlEgYGIf6_CnLuNBdkey5OePdJ-mMaSKyP-LzEuv4FYFMem8jGqNpe9HWKeDx7dkbq1n8ot3TJ4hbQAlfgtP2xKnNVTIikyBrhEyo5qMq3RWf4_kavB7moKR5AKidAdEpq_uKB9Q2PLBzz0kySfOqvUGMkrYpzG4Tw9ZdmcMe7qpPIw&sds=2&rev=89023&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQagAEyrAHg5AgAA-88uKBtmweBs067fnpXA&u=%7CwA7xYuSwavdheBXBsBD6SagZeSwYzqxI%2FzB%2FbblJ794%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy-po99QewC_VhFPw7YzadiDNmEAMppio87X-xSYpEM3V6yenJFxAbfLcLyrR_aEoM4MIFp3GFTKdvOKynedQKHLW4GYl99iq3SdAieuarUA-7JAzyB1y2Z9WBjoDcrw9mZhDYUe1kxwOZDQosh-WsUjp0TgWeTxJ3eYBpRyQs_bs5d6vAFfoqnnY4ZAVfzlymrGKm5BsReoXogwOaiA_h-UGgWcqOIsSyE1BQfgPj1C059bHWd_HhkkUwuHMpZcd84gXjyKnEIOUVbHFpPW7XNLJD608F_PmsindjU5Xqw-YtDD78gYsW4Q-W4ehI38_jNV5Wi2n4z0r-g81Y85lCaRURZGgHI1Zx57u6AM69YbdMO_DxwlJECvReFYwtj1XA68qDeJ7ByGBodJ8n_15k0QBar_qW9Vw5crTWdpTEaVSfr-2fir1ySW0lzkScbmP3w3mrkMaiyaERxqBYuC2qVWl1srB5cotMSWzWGhadLZz4AihepB62joeyLZSuMXEkVgMOp5rx3gwJTHG7EhXUiYGs-2tDQKjnVsxhSk0aohb&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8EqXahA5ZbCVE6CgjuwP8vm-8AzJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAkZQq9xOxLE-4AIAqAMByAMCqgTKAk_QWjdlf6hscXk2T1iM1oiihMdY-utad5tBJHHIs8nv5uyqlZRmRgdEg7_NuMM-IkkGSk7BX-4cb-0o-qvz9Gw9qT_jGw7S14I8ahWcZ7JRpvb7tzI3A77Y40IgSHa-efXAT2cCDe58p-xE8-i-Lk2tKj-qfZINref1-2y8-aMV5qDBZ4VX1XacChlIlgsJ3DATfb3d5Uu-OMZlYzIX9CCka2UevTRiOtcDutIJnDwdXQxkcHvi_xeNa1Ci2MzSzw_l8yF_SPGgLmdUlXHrQVq-wGKjiE6byfAvwJcA9r76qCPqKmqKqTnBoPDUlFbu-GMljcgOhK0Hn4VE91YP3q6ZbZu8OQf2JzQ8WGJXnmC8S_M5nqmD3xheMeoXAVf7rb_g66-4y71iJCGumym80E1A0l_pKuPJy7akRPntpOiACiLjhSGl11EUjuAEAYAGgf7o-t79u8bIAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAcBABMgLrAjoCgEBIvf3BOvIIG2FkeC1zdWJzeW4tMzk5NTg5MDkwMDk0MDM3N_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_34As9R-EIfW0a98Y_i2HH_FA_W0g%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:19 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40EEj,pingTime:5,time:7683,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:709%7D,%7Bpiv:100,vs:i,r:,t:2681%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5002,o:2681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:709,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2087~0,0~100%5D,as:%5B2087~300.600%5D%7D%7D,%7Bsl:i,t:2681,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5003~100%5D,as:%5B5003~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:387,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:711,sis:1739%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:21 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame DCB2 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=7868040e-d754-930b-7304-6ac9459118ca&tv=%7Bc:s40EEl,pingTime:5,time:7685,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:709%7D,%7Bpiv:100,vs:i,r:,t:2681%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5004,o:2681,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:709,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2087~0,0~100%5D,as:%5B2087~300.600%5D%7D%7D,%7Bsl:i,t:2681,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5004~100%5D,as:%5B5004~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:387,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e*.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1e*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:711,sis:1739%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:21 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 647C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=5cee9c66-dbc3-3802-a970-c2ef60fc148d&tv=%7Bc:s40EEn,pingTime:5,time:7649,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:753%7D,%7Bpiv:56,vs:pp,r:,t:2644%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:2644,n:0,pp:5005,pm:0%7D,slEvents:%5B%7Bsl:o,t:753,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1916~0,0~50%5D,as:%5B1916~300.250%5D%7D%7D,%7Bsl:pp,t:2644,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:56,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5005~50%5D,as:%5B5005~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:385,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C163%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h*.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1h*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:754,sis:1714%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:21 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40EEu,pingTime:5,time:7707,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1009%7D,%7Bpiv:100,vs:i,r:,t:2696%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5011,o:2696,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1008,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1716~0,0~100%5D,as:%5B1716~300.600%5D%7D%7D,%7Bsl:i,t:2696,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5011~100%5D,as:%5B5011~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:384,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1010,sis:1878%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:21 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A78 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1350098&asId=89b766fc-beeb-a1d5-f9ea-63463853be0d&tv=%7Bc:s40EEv,pingTime:5,time:7708,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:1009%7D,%7Bpiv:100,vs:i,r:,t:2696%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5012,o:2696,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1008,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1716~0,0~100%5D,as:%5B1716~300.600%5D%7D%7D,%7Bsl:i,t:2696,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5012~100%5D,as:%5B5012~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:384,fm:tTHBZ75+11%7C12%7C13%7C14%7C15%7C161%7C1621%7C1631%7C164%7C171%7C1721%7C173%7C174%7C18%7C191%7C1a1%7C1b%7C1c1%7C1c2%7C1c3%7C1c4%7C1d*.1350098-69352126%7C1d1%7C1d2%7C1d3%7C1d4%7C1e.1350098-69352126%7C1e1%7C1e2%7C1e3%7C1e4%7C1e5%7C1f1%7C1f2%7C1f3%7C1f4%7C1g%7C1h.1350098-69352127%7C1h1%7C1h2%7C1h3%7C1h4%7C1h5%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j41%7C1k1%7C1k2%7C1l%7C1m%7C1n%7C1o1%7C1p%7C1q%7C1r%7C1s%7C1t1%7C1u%7C1v1,idMap:1d*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:1010,sis:1878%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:d0e3:4e6d:63ee:b33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:21 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=zahav.ru&p=%2F&u=CbmZ9UCcq3WLPsBms&d=zahav.ru&g=20047&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=5913&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.zahav.ru%2F&b=566&t=Bp3xUK2u_LYBEN6bNColFnuCl8NKN&V=141&tz=-120&sn=2&sv=yOBOCJOCbVCbLTSoTlkO086ELN&sd=1&im=067b2fff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.23.211.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-23-211-254.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.zahav.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 25 Oct 2023 12:56:21 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dc_oe=ChMIgdG21Z-RggMVpJN3Ch0DSAlUEAEYACCnkqZa;met=1;&timestamp=1698238583358;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 1149 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIgdG21Z-RggMVpJN3Ch0DSAlUEAEYACCnkqZa;met=1;&timestamp=1698238583358;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI_dC21Z-RggMVpJN3Ch0DSAlUEAEYACCThflY;met=1;&timestamp=1698238583975;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DBF6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI_dC21Z-RggMVpJN3Ch0DSAlUEAEYACCThflY;met=1;&timestamp=1698238583975;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIhdG21Z-RggMVpJN3Ch0DSAlUEAEYACDipu5Y;met=1;&timestamp=1698238584148;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame FF4D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhdG21Z-RggMVpJN3Ch0DSAlUEAEYACDipu5Y;met=1;&timestamp=1698238584148;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Oct 2023 12:56:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 4EF7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=fxwdX8zbF5zHnohX2GL3LRjjbX3NGSoiEI-P_IHc2FIQPpOuPJFono4gw5keXEtK9gtxBPEkwY2kPfiDB4hC1s9wABpEjYCK1WHYO-b0aOR84LdlH83pYy5q5yFZ5ng1utqIu7XAiXgy8FcP-1__paRvIDzOmrNV1ouVY6wgRGazxV1kRppLrWZ8ptKpL24IEbsCmtXKhZ-ubfab6r1CBPp8JRMeZvzg8rlo2Fjm69qsqItbpslxowl0AKw1aRTaX4KURA&sds=2&rev=89023&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZTkQbwAH3-AHg5f7AAaDmEZWpXnsH2v9pzQZoA&u=%7CglAlc3OC9ezMUnbNkdPv02Qwh2SzEvJIRyU25%2FamoVk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm1aUAeLqHS1XZS2nAV80UY-lDjglc0TopmbLHlsbvY3CajX4bjUmw1Djopz8Vak-RW5jQqLSaKstNs3Wk7TLX-7UPuJjRxHA61aRQROjRfGLYbeFzKLmn9Y0JhexXx1tjcGQrDSiA79mTcrjSpyyC_WovWZcCdRUHQ4yC4qufSlXrHAQ9ouKCLvq5hlURNx2jed-MZ0r6XESyFWTQ9CSuN89Pj9eGKCMv4yxY_-OdIqav6Jt-nUoPhznkntsPplpqBfXJjT3MH4SawAZmIzEwYjVaHG15y7ef-ioDwyg3o5tQ9glwfZZuwon_d_PCncoURS2xdw3E_ugOPbZxCDMb6MQuUfLqoi4TjxjH4OqtqFCm4sGHSy_PjLZyv5pgUlSzJTYrUlrY0c6pDdbLb-67ASJTWGDJdAYcZQLuVeMceDp8MSAkg3nJNgXEarUE7CraMsiH-tPylS4feT8MaDG53C9jdaJ5AtTsQhYRzB3m7Aabcw6aUZYBTJUySewXFC0wWLOb2xNg855hqhmkKjYtHa2EPRY6C_AnBUPMaZbJgxcw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmhU_bxA5ZeC_H_uvjuwPmIeayATJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM2MjIxNTY0MDUzMTMwNjPIAQmpAoP-fTchybE-4AIAqAMByAMCqgTHAk_QGh6yNwKUwk-UCIWxmeoPQMzmkJDh5WaJQ-JUdvYW3MB0ObOKyvFgYA1Xa094_7rwTktf-2F1x41acQsAhrLn37KBnJ1cw7s11OV7jfSvXmp6bNUjdg4yHKtY1e67t-bC5DOE0K-fWW1_McYRjXSM7RA074l1yfV7Oh4OELFP1mlOPxl9_xnjbs5l3fvIJM8M2HkybzcIPJmGkYG1fCu2ZR81UkLQImiBdapHJOQmwYqWAHOz4oKYNqZl-sqC5v7O_ip0rljRHJ7P1ETXEyMQuzoHmFlUL3extqjJwyU7klOp01grUCPbjGTLeRkYz4donWLshbUsQsZ0MDLHIXSBIKvXEpWv2gp_KObjBj8SokXrxgO2QIpMk5maTsrOof9622Z6mKQwcov0jhBXNGJ5EPfiExt7M5AYpM3QLZW0REhWL0KNNeAEAYAG5ajhtYHM5JouoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YBwEAEyAusCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi0zOTk1ODkwOTAwOTQwMzc3-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1wQXfIaJ6DDcm0_reKyj1YWpnQ2A%26client%3Dca-pub-3622156405313063%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 25 Oct 2023 12:56:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310190101&st=env
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPtQfD-7GTYPPnD2IuOCqM&google_cver=1
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
Domain
sync.richaudience.com
URL
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 function| addScriptPromise object| _0x2450 function| _0xa97f object| googletag string| isAAB string| pageNumberInSession string| fatherSessionInSession object| dataLayer object| wallaGlobalEventData object| wallaEnv object| WallaTargeting object| _sf_async_config string| _taboolaOS string| loadDataState object| _cb_shared object| ggeac object| google_tag_data object| google_js_reporting_queue object| pSUPERFLY_mab object| _cbq object| pSUPERFLY function| _typeof object| TRC object| _taboola object| _tblConsole object| google_tag_manager function| postscribe object| google_tag_manager_external object| _0x57b0 function| _0x3d58 object| _vadHb object| vadprebidChunk object| vadprebid object| _pbjsGlobals object| ADAGIO object| apd_options string| GoogleAnalyticsObject function| ga number| _zaVerSnippet object| _zaq function| __za_api object| __LOADABLE_LOADED_CHUNKS__ object| _cbm object| regeneratorRuntime object| _mgIntExchangeNews object| IdealmediaInfC1297439 boolean| mg_loaded_798910_1297439 function| _mgWidgetLoad1297439 string| __strip_step__ undefined| msg boolean| WallaA11 undefined| google_measure_js_timing boolean| fifabAlready function| fi_fab object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery number| _zaVerWidget function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id string| trc_item_url object| TRCImpl object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint798910 object| _mgPageView798910 object| _mgPvidList string| _mgPvid string| _mgCanonicalUri object| fiUtils object| $backfillRefreshObserver object| $FIslowSelectors object| $stickyPlacements object| $InContentAutoSelector object| $multiDocked number| taboola_view_id object| Criteo number| google_unique_id object| GoogleGcLKhOms object| owpbjsChunk object| owpbjs object| PWT object| a object| sas object| apntag object| _ADAGIO object| ONFOCUS string| nam object| placementData object| entry object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| cmTag object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| _cm_wfCounters object| google_image_requests

85 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARCrFg
.zahav.ru/ Name: _cb
Value: CbmZ9UCcq3WLPsBms
.zahav.ru/ Name: _chartbeat2
Value: .1698238566532.1698238566532.1.yOBOCJOCbVCbLTSoTlkO086ELN.1
.zahav.ru/ Name: _cb_svref
Value: null
www.zahav.ru/ Name: strip_step
Value: 2
.zahav.ru/ Name: _gid
Value: GA1.2.188761327.1698238568
.zahav.ru/ Name: _gat_UA-4780630-1
Value: 1
.zahav.ru/ Name: _ga_DV74S5EBKL
Value: GS1.1.1698238568.1.0.1698238568.0.0.0
.zahav.ru/ Name: _ga
Value: GA1.1.1682251483.1698238568
.zahav.ru/ Name: vad-loc-code
Value: de
cdn.firstimpression.io/ Name: OAID
Value: GDPR
www.zahav.ru/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.rubiconproject.com/ Name: khaos
Value: LO5REABP-16-DKFH
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EhzmqZhqBTlsXjc0/aJelRdbjRFtGIHH0vc+rxEBxTUuDE0DBU9vatxMciPccGbruSUxUBC/ZA4ELVSDeYcaz0sRg0q6IeKwdi+xUA9sgf/4bKpUjWTmmg0
.yandex.ru/ Name: yandexuid
Value: 689239231698238569
.script.ac/ Name: __cf_bm
Value: kbvy0n7tpqZf99XxCVphSghjFSB.5XsesFSbf9fuF4U-1698238569-0-Ab79nRWtbJZ4mh7DbahoV2jVAd53Xj7+P09b63a9J71gx8VnplJzPM+oprGCTEXfLlEeSq8FfZ9U94uuBz5res8=
.doubleclick.net/ Name: IDE
Value: AHWqTUk0wn5aIWvbiPLSKsO4Q-qglCZkPzZXEiFP1NKRlohiRUEuyPZ0nJewVBquvi4
.zahav.ru/ Name: __gads
Value: ID=9bae96f02389768b:T=1698238569:RT=1698238569:S=ALNI_MY0ZT7EmVEl6Q3B1fYN2Gx0pxkzaw
.zahav.ru/ Name: __gpi
Value: UID=00000ca401b85a5b:T=1698238569:RT=1698238569:S=ALNI_MYS-qgEfUnY1zM9uZTYvYve48tsTg
www.zahav.ru/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D9076657e-c1ef-4ddf-b70a-d65d485d3f7b-tuctc3295e8
.ressaymonstives.com/ Name: e47e3d51-f8f9-40e3-8450-d772f4732dc3-osz-v4
Value: HnJLmfscKJrpzphiWLkv3CNzwDwELlpylyj0mVjQVdTS0UhSQfdXnL077YpUN5d6u1WQZXQO3nGjqoBY7Vwrh8yXmIFEd9VRHwhSvj8zKQhqwSDMZeQhQ4qcSizhDaujOUC81qL6Lb0a5pB5L064I0gWYjDuKX_eoUbd0T-WIZgmquUMLXa9conUssz-35wT70dYltiDcG5b5xZ1pu7fwCtzdL793Pl0uZqCgkFPgyMgfE9f615SIyu_3IUdi_bGdOK2zUlRXFIpMVFVck0lnBnB9NkklopCBGOrct3AEmA082Fg9XVenSSStXfloi47VZnrQGGBlRBG5IpxyJm051l_bK90lcf1hTrpS7bNh7FMZSNxweVPk9hCS31O6yY4iq_HOPL0r-KMhd0PVdtjd07gnHCoyd87vCS0cytDfuQUk8IXfUNFrqJVqUF8XXO5rdy77rWsck2C9HaLBMtxNF33R5tT1FG1OTGBS0Npa61j5poGeXzQlqLJojmYUDGWPCuNSTrY4TEcBVL1nDF1eTYfdmJ-BCtAu8jGU6nAyUAq0OGAkP95LzsHPeH3tKMpkM-BA5H_dDmhWHOhSM2CbBMTDnEgOA3gUUs9svE4HifzFRJa-5erGv0hUsql4COrONEtIOHGB9i2dcpiv6zS5D0moanL6WQodMdZv79klD3-0Z5Hsy_N5KRPzbYifRVShYesQnYoka38oJy5tgvHVdSIoRntjMUT6OZ-ElmKvED_SYEYKTqxaPzMizXZZTnWB3GQDhzISeEIVF1nM-JSBifgcWL7c56RYR4ALvWbCXhjQ9_5X3BXdUxqUxRddoJYV_bWGDt7t637Knk5g3xtxO6AAnZL8Ck4udWgx-cBgvRxIL4eRhXsWi8-4NlSIiOe6D5BuARmjUPHApj7G83oVl8bSHAabtAajL5X9UzXWRtehvq0c2Wa0nyO3ptG13kGqfIaMXgKL9rgBOKEO-tr-w5lK1i5ZjCwL6DTt6M61y-Pt-IJs8gvnzRrtO4ZGCORra4Fgxjh3oDbWAZtAfAOn1Xp6Uk2jA6ut19Y62ht-sZkNJE_c_mH_5oSYnM_xCoYZIKDg6bynujBSUpBxLLHZcfXT0YJdlSLIHhQWXO-rUJ5Thp8baT5lcL9xF5yWGMsigHSmvCvoNz-slg5-wSvQeu1xXXD18NRACWImBKQL6E
.casalemedia.com/ Name: CMID
Value: ZTkQa80EssFQrPU7UfAdtQAA
.casalemedia.com/ Name: CMPS
Value: 3169
.casalemedia.com/ Name: CMPRO
Value: 3169
.adnxs.com/ Name: uuid2
Value: 309880752332445775
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?jn2/[B!]tbPl1M>e)ZlrFUfJ+tGXxpKQfxJWbR>Q#Wt`j%@O?UG9v6WzQ<<Ia>OJgr3If)y3KL9D3I?+c=h$$W
.doubleclick.net/ Name: APC
Value: AfxxVi4B7odoLztxf4CGhW37tWT8yV2reKyOqQ2f5j_yN_UZNhMe9A
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 2891057530363369488469
.simpli.fi/ Name: suid
Value: 724E311D0B2F44A883B9EEE9F49D75CE
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7769368039249428401
.quantserve.com/ Name: d
Value: EBABCQGiKoEA
.quantserve.com/ Name: mc
Value: 6539106c-0e2ec-3b4d7-112b0
.w55c.net/ Name: wfivefivec
Value: SIHgv8EF1QVDqI5
.sitescout.com/ Name: ssi
Value: 797f1e89-b273-4f3c-8232-72426a98c383#1698238572082
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZTkQbAAaZrzDmgAN
.w55c.net/ Name: matchgoogle
Value: 5
.csync.loopme.me/ Name: viewer_token
Value: b85203c8-60e2-4483-b487-366ad8804e34
.blismedia.com/ Name: b
Value: 6539106C3B47D12A6DB66205BLIS
.de17a.com/ Name: guid
Value: 1.5400316786650057655
.yahoo.com/ Name: A3
Value: d=AQABBGwQOWUCEE4WEiuxOgjCySAdluNRa_kFEgEBAQFhOmVCZQAAAAAA_eMAAA&S=AQAAAo1niV9bwQsHEr4XymHneo0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003%22%7D
.turn.com/ Name: uid
Value: 9148772490437157163
.criteo.com/ Name: uid
Value: 5dfa33cb-ff65-4500-a40d-4fc69d11944b
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: cfe271f2044e1369
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adfarm1.adition.com/ Name: UserID1
Value: 7293879131855321241
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 10AEFBE3-A5D4-4D5E-8A8A-32FA4321E4AC
.ctnsnet.com/ Name: cid_b568f3efc8654c10b46a0bc7c0e25a3a
Value: 1
.ctnsnet.com/ Name: gid_CAESEDmlKdnskZcRuG8ov6GH8dg
Value: 1
.bluekai.com/ Name: bkdc
Value: phx
.sitescout.com/ Name: _ssuma
Value: eyI2OCI6MTY5ODIzODU3MjEwNCwiMjQiOjE2OTgyMzg1NzM3MzgsIjM5IjoxNjk4MjM4NTczNzM4LCI3IjoxNjk4MjM4NTczNzM4fQ
.bluekai.com/ Name: bkpa
Value: KJyNpWWvQY9xCKcENeS76zajuJLrWiD6AY/N5w8WqwwQdhjFKAEMhWimkAruSeOMmuPgisd1mr933UEj8vCBeLsybfRlZIrO2RydlAtOnEcDfP0SGZ1QTyWIjkxk9Q==
.bluekai.com/ Name: bku
Value: ts6O9s6xmVVx1ORp
.lijit.com/ Name: ljt_reader
Value: Hi4oKGZHKkXUqJYJQ7u4hVs0
.tapad.com/ Name: TapAd_TS
Value: 1698238574057
.tapad.com/ Name: TapAd_DID
Value: dc9a0586-61ee-4a3b-afa5-931fab79a0df
.amazon-adsystem.com/ Name: ad-id
Value: A7hI2LMShEFLt5KXDW15ofc
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.liadm.com/ Name: lidid
Value: 31ddcaba-4ec8-4fe1-9e37-e714fe2eca0a
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.rezync.com/ Name: zync-uuid
Value: 1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73:1698238574.348331
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXBwRGAMAgEwI_t4AwCuYvdYCCFpHJ3zzX04-wKldYo8XQIm0sKO1FYuWGvjsnHGPDbnGb6A1kesfI5AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjCxMDMys7QwNhXiM9RNDAqtKDRI8clIds4EABRoS_olAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjCxMDMys7QwNhXiM9RNDAqtKDRI8clIds4EABRoS_olAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_13IuQ2AMAwAwAmoMoeRjH-2ceJkIEpKJqVEory7mmL3mCUIE6WAkw18-oCylVY2chmdqOEHuRjvxE6Ed9u-06Dn5xfTXN8nWQAAAA
.zahav.ru/ Name: cto_bundle
Value: worFo19QcFdhcnM3dEZHeHNsdm1jVyUyQkU5MUl0SE5DaTRrWVhTbmpKS1hHZE4wOVlvWEZjZDZmTjFDM0IxVkppZE5aYzRBb0pBU2hsJTJGaGhycUpvcDIwV0VLTUlwc1RQblFhWHpOZ3AlMkZxJTJCVVN3ZElyVFR2Y0VTN0slMkZldVc0JTJGZk5qJTJCJTJGUGg0S2dwMkVqNFpsYmxnWkZuRGNhJTJCUEElM0QlM0Q
live.rezync.com/ Name: sd-session-id
Value: .eJwNy0EOgyAQQNG7zFoacRhn4DKGwpiQVtqIbmq8e1n-5P0Llq_uW6xaDwjHfuoA6V16NQgXtPLb9AUByI5C5BlHJ_M0e0GCe4CmrZVPXUruxj7FayZr1FI2Ljo2opJM5jVy5hRXxmD7O6EQuwc6QbRw_wGkLCYe.ZTkQbg.odrB5KCJBQYbZ4VghL2P66qhdIo
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7d6dec20-6b67-4d03-a287-e9bb13129a8f-003%22%2C%22nxtrdr%22%3Afalse%7D
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 179aae56-a184-522a-98be-4df2fd875d9d
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: ZTkQbwAA2sBdymGRiIYGxfSsd_-gj2OLNXBNXQ==
.tribalfusion.com/ Name: ANON_ID
Value: aBnteZbqZbaOF6iPq6eSMn0ZdVZaISxpMhN5V7CDSpX499e1pxF3BOkEMQEtbInhZdoyseGdgp9CdHv1ZaYQTrbKPEbj0GYdrZchp99
.bidswitch.net/ Name: tuuid
Value: fd67c680-d21f-4726-b4e1-4508eb25e16b
.bidswitch.net/ Name: c
Value: 1698238575
.bidswitch.net/ Name: tuuid_lu
Value: 1698238575
.ads.stickyadstv.com/ Name: UID
Value: 90fc61ffe7d996e53021b9582855508a
.bidswitch.net/ Name: custom_data
Value: PqhfVV96NW11SlJZN2VsRUV6OXduT3N4bFgyOGtUQ1M5ZTVkQTZSVWM2ZzlBRGJibkN3akNiTm5ndk0xdm1Sa0hHbHRCREFxbTMwR0VDeWdsciUyQmdic2JpaFk5c0tRT3N4SEtMYnNKaHp0RlJvbU9aOXlkWldxRkhlajFSRkx0bFQwOEg5N2FBRkhTUnNhVVo5c1FxdGw2Q1RrNHRkUmJPZTVZZUtpMnVMbCUyRjRqU1hYYWJmNGF1a3dJY1clMkZKVCUyRnFBT0cycQ
.smilewanted.com/ Name: sw_user_params_infos
Value: IHul%2But7MDOck7CaChiyLDymFIssuuAjQVLWXl8%2BiCwvi7FkMjHqZTRIWVpqM8PRellTbl59t2U0t0fQnAFDuiOVeiNaMRDd3UbhD0c1Zh%2BQ2B50N3dccB6SgXC4IGtosCkMQro9bZtZ%2FEeLX%2BQcM7IOfF2udZJf5qvYci2jOehmDIaJcXdQ1oGQOhaeUAiW%2FBP23QwFmtAx4AOo7ojzapfCGeH1Az%2Fi2EbJJOhHHeUk%2F8lyuzY%2BpBBkzNR7F3Zum3PXqSIWBrY5nKsqCnnHo1ldzZ1QQyGgH%2BQgKZKL1ILjyd9Ntfhux1GfPKP94JHAf2mLGgGL5pYuT8WiFwaeDw%3D%3D
.mfadsrvr.com/ Name: tuuid
Value: a8704b10-757f-4611-8899-2094467f3bc8
.mfadsrvr.com/ Name: c
Value: 1698238575
.mfadsrvr.com/ Name: tuuid_lu
Value: 1698238575
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1698238575

29 Console Messages

Source Level URL
Text
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.zahav.ru/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.zahav.ru' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://static.smilewanted.com/js/decode_consent/decode_consent.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEEPtQfD-7GTYPPnD2IuOCqM&google_cver=1
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://www.zahav.ru/
Message:
The resource https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.zahav.ru/
Message:
The resource https://securepubads.g.doubleclick.net/tag/js/gpt.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.zahav.ru/
Message:
The resource https://ecdn.firstimpression.io/static/js/prebidamp.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://s0.2mdn.net/sadbundle/9461066680953449411/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/501709.gif?partner_uid=1b89ed51-e15d-4a47-8e8c-d7fa7d7caf73%3A1698238574.348331&_=1698238574.350248
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/996678810003512636/Fallback_HalfpageAd_SchuleundBildung_300_600/logo.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4b02c6f9b4df00741f3bb6ac0223ae3f.safeframe.googlesyndication.com
91644c0e4be4d0930257b6fdf9b9fdd6.safeframe.googlesyndication.com
93b6051d9fef1ae6c287878c50f6c974.safeframe.googlesyndication.com
980f32f49bbaa4001f882563a2c53b4b.safeframe.googlesyndication.com
9c6560969eb3c3b27db94543f398c290.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
ad-server.eu
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.stickyadstv.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
ap.lijit.com
bidder.criteo.com
bs.yandex.ru
c.idealmedia.io
c1.adform.net
cadmus.script.ac
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdn.firstimpression.io
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.valuad.cloud
cdnjs.cloudflare.com
cds.taboola.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d221oziut8gs4d.cloudfront.net
d2xerlamkztbb1.cloudfront.net
d5p.de17a.com
date.zahav.ru
dclk-match.dotomi.com
detaly.co.il
dis.criteo.com
doska.zahav.ru
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
freecurrencyrates.com
fw.adsafeprotected.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900017.redintelligence.net
hal90004.redintelligence.net
hb-dot-valuad.appspot.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
i.liadm.com
ib.adnxs.com
ichef.bbci.co.uk
idsync.rlcdn.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.newsru.co.il
images.taboola.com
images.wcdn.co.il
imprammp.taboola.com
js-sec.indexww.com
jsc.idealmedia.io
live.rezync.com
mab.chartbeat.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mignews.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
outbid.firstimpression.io
p.rfihub.com
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pixel.tapad.com
pixelgroup-d.openx.net
pm.w55c.net
pogoda.co.il
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.smilewanted.com
pro.ip-api.com
pv.medialead.de
r.casalemedia.com
r.turn.com
region1.google-analytics.com
ressaymonstives.com
rtb.fr3.eu.criteo.com
rtb.mfadsrvr.com
rtb.nl3.eu.criteo.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.richaudience.com
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.bluekai.com
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
vidstat.taboola.com
web.hb.ad.cpe.dotomi.com
widgets.outbrain.com
www.9tv.co.il
www.ad-server.eu
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.zahav.ru
x.bidswitch.net
cm-supply-web.gammaplatform.com
pagead2.googlesyndication.com
prebid.smilewanted.com
sync.richaudience.com
sync.search.spotxchange.com
104.18.25.18
104.18.27.193
104.22.69.131
13.224.189.103
13.248.245.213
13.32.27.113
138.201.63.116
138.201.84.252
141.226.224.32
141.226.228.48
142.250.184.194
142.250.184.198
142.250.185.194
142.250.185.66
145.239.193.130
151.101.129.44
151.101.130.49
151.101.65.44
159.69.70.9
178.250.1.6
178.250.1.9
18.195.23.231
18.245.86.11
18.66.188.223
184.30.22.30
184.86.251.85
185.184.8.90
185.89.211.116
188.42.196.115
193.0.160.131
193.150.127.23
193.150.127.28
198.47.127.19
2.16.97.41
2001:4860:4802:32::178
2001:4860:4802:32::36
204.237.133.116
205.185.216.42
209.54.182.161
213.155.156.167
23.23.211.254
23.32.185.60
23.35.236.201
2400:52e0:1e00::1080:1
2400:52e0:1e00::1082:1
2600:1f13:800:7780:d0e3:4e6d:63ee:b33
2600:9000:211e:3800:1b:5138:8a40:93a1
2600:9000:2127:3600:18:1fcd:353:c61
2600:9000:223f:de00:8:48e:53c0:93a1
2602:803:c003:200::41
2606:4700:10::ac43:f51
2606:4700:20::681a:e02
2606:4700:20::ac43:45a5
2606:4700:20::ac43:4bf1
2606:4700:3031::ac43:9d28
2606:4700:3036::6815:43eb
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:1691
2606:4700::6812:18ad
2606:4700::6812:272
2606:4700::6813:9722
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:802::200a
2a00:1450:4001:803::2014
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c04::9a
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::6
2a02:2638:3::7
2a02:2638:3::9
2a02:2638:3::c
2a02:2638:d::c
2a02:26f0:3100:288::f33
2a02:6b8::90
2a02:fa8:8806:20::2100
2a02:fa8:8806:21::1720
2a04:4e42:400::714
2a05:d018:d29:3602:15eb:19d4:d59:9b24
2a09:7c44::22c9
3.120.242.65
3.121.79.42
3.33.220.150
3.75.62.37
34.111.113.62
34.149.20.76
34.160.198.118
34.95.69.49
34.96.105.8
34.98.64.218
35.156.144.107
35.186.193.173
35.204.74.118
35.214.162.244
35.227.252.103
35.244.174.68
37.157.2.229
37.157.4.29
46.228.164.11
46.228.174.115
46.228.174.117
51.38.120.206
51.77.64.70
52.214.242.163
52.222.214.57
52.58.207.165
54.170.10.64
54.83.105.107
63.251.14.3
63.35.103.141
65.9.94.14
65.9.95.54
67.202.105.24
69.173.144.138
69.173.144.139
69.192.160.219
8.2.108.194
81.17.55.109
85.114.159.118
95.101.149.35
98.98.134.243
99.86.4.102
014e6fd312f2c7489ba9e34521a75e11becf6773dc5b84062a0fe873f48f3666
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
025136733ef145db18f74f9a8c83921404afc6bb145aa50fbdefcf07da93a538
03d5c66fcb87068d84645f1a5a5f5669dba7a68f4fcc6168c0162ca454e87118
05dda565de388e3c910112811c340137ff7f51b83ecbde6a8e6a634b8377eab5
07cc69f447b0cbea31338798b030f74552f5992bdfcecb8c4503329a7c6e4c3f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204
0be12e61cf032856054c7c216653f2ba8de871ec214d509c2df750f7094b22d2
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0cd2a8e733c9adc698800169d980ad7f62e92ca40ae05c6634c0ea03cabace8b
0e3fc291ae86aa2ccec9afae5b0f40229c730d71ecb18e5c441a7d3ef8ebd274
10a147b0971c0008073b34952df223a76a6c09658e06a2afc1a160a7edf95db3
1116e4cc7ad958761e008cf397c29d52f8c17bbc4ec05ef0864450b867cfe330
117d3845cf542e6a69af541cc195dd652bd378c655cb29c580e63b1292fe73f8
131a6447a4b2585e9e8b85a5a7f37b4911c794f9d72ddbf1920fafcadd1a2b2d
13b8bae1ba7dfda268e6e148e45101844fb34099e51aa21ee906caa256f5a582
146a64826cd7fdd7a02546901a50c199c7cd8bf2c3a87be4a051a269ab43da69
1599cca0cc6a5753d96bb722bf0445ed676a9a84f6781c22f42d7cd0d3694539
15d2ebea38c942998e15318f43f7891d7a3efb8bbe6257b822601c389f013f21
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16a09d6749e9aa18a8a4a70905253e36b05235378d7a6f1c2e48f5d6ec8fe3fa
17f25ee6ba69f4b6af02d1a58f1c563495e8757eb620a38a07b36ad9a2ec5d35
182548bdf4fecf5016a1af82aebe5af69f104448155895f260aff0625bb1f451
1829f58310254fa9e3f383c7c5a8fd4e82e2677c562e50d431601fce60a973b7
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687
1af4f17cd60a4ec9af0035c1f678cfb2d6a4ba307dd1a628a0807ff91d8ceb4d
1b8a426060d1c98f9bb03ccdc3903f1597ee87d374ddae5531a120c2fab37904
1c4815f16d5859fb25373766f7f867388b6cc9ce5f82a82a36b90054344e2a6e
1d27f89e2708b673850caa81118e9245c6afdd422358378e09ffecce4c26dece
1ebd29630e5751f90433ff306c1db8ad9eaae25f55d1e3414e2e48db757de429
1f489d03882e6550812ef9da530f3ee011423a0d85bb883b768783e3fc787743
21560e4ffe4831731fd302da2291501d0781bc698334065886ca06bb58b2e561
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
253a7d81bbd8a548a268491ecbecaaaecdfcfea15b4fbebbdb2d5b6d4aa8720e
27c2429fd2edbe6f4b2fdbe235f330ffeb023f41474f5c6b290885a866587527
289aaa2fdade3511d08f072a11211535d3c088c4dfc777bccebd5b8a00033ecb
28d76b4a4ec9614dc564bef56c3ec33515fa57b82066b06b9a06bd248a9ddb0d
296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311
298b0596844d5a2e5aedc74ac7517830008083897e802c550da444c522508ec7
2a4da782ce2ba51b821c8efeea0dd8f26b6c164107aaf4f34706a2ec82258055
2a8f6319779780a67a4849b478e1066f7c6464bae51c711548e80f8eab7ef9b1
2c5a7afa8c8f1997cefa0ff115edcbfb3dc61b9976e14986a3d49d62ed7b1b4e
2c8e28ce88db0e0f1917f963aea77f7dbe4020efceef471b21d7c54444982b70
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
2eec975ef608346aad483cbf4dcdfc97fadc576a5e555254adcc43d6e738a591
30f5fd9d5419c00f49f1f279dec7d8e9aa159455ef3243e8d498086c6d9d504a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
331a674f41d8d3448143f0c0fea0b8179ba6098c54b37cf72008116b12acec24
33a69fccc71aa20fd0456fe1a723f0b5b6d0ded27d125e573f61a12df72c807b
35022835febae4fdbb5d479831693c2b10f1e4aa36cd882313b59e06eab6665d
3507fbb24135ec817de2ac6e5fd75d700aa8095981f5287c21a2d55b2160e3a5
3762f84554b341dd11c81e709e6df40bc62736f16e0c8ea4fe3e7e7c5f1bacf3
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
387909e1bd44fb55a23ec3a07e75b801fbd9e4e8e8132cecaa2e074f18dc7efa
38d832da671338ea8eda3b4f7f717cd30c7afe6ab7af0324f4ae4d5a8325be50
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a989c3cddf6ae536216cae18c0e526e52b22ec4bc1b4600b6ecd215566c37c8
3aae26c078de650dca80a0ece52b9a4e913c756769291cfdfcffd7b484fed31c
3b03a9eaad06493c0f18e84c4d24c32cc59fca783ddaf8734c3c44ba8df85376
3b94c8117bda64123d3f422ac67c2999873ffb17e6819e47209e419bdea9d331
3cbae1ae73ad743ec759b0d6f8ba74aea6bdf3f9225bcc4269ff201f9b7d665e
3cf184c738fc2280760894d2cd013982902e6e3a869b4e1832fcfd8e7992edae
3d431fd4365112cd8ed3c74e380f8cd2002aca023613b0b481f1a58dd03f87c1
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fd055f9b0f7d6baaec7f56e269c8dcd347f6680bbd4194c57ee590a46fdb95e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fff49cda35b45096f600f0dabcb3007aca3ff47845f00ab1aab104023d0a015
400dfc022204e7b4ddd76113dc3a58df26df6926c74a5b334ae6a92bd1f773a5
40f271305318eeadbe864c7e7350faffcc3a55656c4e402cf2fcf7806f9dbde3
415d5471329a4e27cc56cae84dee0d983c59954d8e72689bb3576902345fe314
41fb2af396010bf8caf24206fae2441d39e692c4da4641d58ce6dcf68fa8de16
42960e94df1b53714d7853c2667b3d553013e46332fbb481edf143efc7eec0d5
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43cbe861b09360a856de530e3aac37acab9201d0eb166c906b26e0f71fc6ff23
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4428cd3f170f314f726ed70536cc60b98abe948ecce424b06d4fbe5dd58b7845
44f220214074809830e5330b821917c0e5b41711a41cca7601a2abaee35116b6
457d087404f504e13ce2557a88c71139c69ebd8cbb91967c224884717054ce40
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b2dc3fc5e9ccbcde38dfcc96d4545befae794ae947ea3602693f2e7126b057
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4a208b89a9ef2aee7e7921f8b2562b3f372a4a4de17e52d52f87480ff5b2e5fd
4a920ac8a357b492b991802b1d781790c9923a59d37c335f6b2d19cd39d100b0
4b239d71e6d6f79c300c56579da6be60a40e1fc22d3e3ae60dff9d7edace5a00
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bcb58b6eb71ca551bde3f103391cda70053e81febda9bb7235da9cd6225a35b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e94402f68288b2af3d7d1956df8c14f9160d1d5ee04d604731f277a076d2176
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
511802e0cf0e95970461981b23bf8dd7c83d75fae21696245b597acb8d650cc9
515fcf87781aef040a6758d637d17d941caf08ea469656259b5fc3745b832d41
534a477deb9879b68f4d3c511964b025a9be95ac58f70ebd6a128a3b8dcdbcd1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ff2ac1b932443cc0d8a4565f2cddd09d499d83984b24350abcc95623bfd8d2
5618a1cdf82aad97f1c6240687b1707be691d2453d74a7a0234d62bf4bccd877
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56d9f3976b22e887562827a85403d0d2f4ec79a06508bd553b5df012d109e984
57a428053429128ed81e3aac6007acd4a04fbd9cf37700170a4573b984b43189
57fd6c43200b7365f2919217ec479ddd935dcd9f43cb8615e57582ac70adf492
5825c88b68a498c8b3d8d34f0090a625f063a366c8f3cbebf51e7657623fb13b
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
598c18381d12cdfcf3a8fabc5c2962ecb93f3ceb764541b84ba7f1b07e26f91e
5a95d0861fc3b1f3c39e7bc7cd83f6d83e57376d9596ae5a0b070ae1965cec16
5b27dee07ef5a99538e4b7bc2fb7f4646c0fdb7cafd09135a886b04031ea626b
5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc
5c8251114fffcc1a60ea943341a532cc19f33a7a9e8fa95f2fcea4dde443f04b
5e0ca14217183069aad876d0c5b055c1f5d49c758d12cf4951253e7aaebc4109
5e1754083bce6379bf16761da5ddea322d7404f2072c847a2b3c893120fc4fa5
5ec86fe055f703d79cee010fe657a9f65ae83d666880a1ba459116b3e033174e
60531e79a8bcd2aea26e031d6c09a2da7ca3c074bea5d4585a5009d52e17f81c
60a58b4987d5400aa0bcc73d4eb7cd581242080051488882c6449c2eac6d0da9
60d418a4677b872e2e2d232e0968bc8bbfed66c1530b12071cd69922cc93874c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ddc98fd77a7634818e8f407b2de1c82039a93734c9e8578385e99565339266
620db770310a1d13b8ae0b45e4fc32f8474df07d84ffe1c28470e0981d5ad6fb
624f0494fca1a39f49b63bc119f7f76161c6cb1af4d6f8a34fd8ba627c195868
6311a02aaff6bad09834d41e368b6919c0c307fb27f2e31ec5c5ca038e743474
6417c65a57cd68bc0e5e18cf23b47ee22d6c9643d6b2987c6dbed425baebf25b
648f4dfc463bc2e7bec6650c4b8ab903e9c783aefe939fbee276482f36568898
65af1f9d296b5e95bb38d1f51fc461e7b0aa8691da96a750524e227026579923
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66b3e6048b01da88ac99b542a1d10191695faa35902b57d1fa7e76cd7a10e957
67aebe7262c900f0a73f2c510272dd5072eab4d7b819ae053fe7f813263164d4
6878b4c04dcb447d6b39de2d0ebca089e6c3d8196af59c6aea6269b9b0996bee
6892f46033aca54e604aaf2730c9d7d6b9256328f950f411635008df8791e202
68fc63439c0b507520c7240de9f6b197592f2b07324d646bcb14747e6ee93c72
69a0b320e5b31f7f7064e40e0f9063659b0468371283ec6eb8fc08a24bd501d7
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6bebb8dc1c07e226dfa85182754a8d2720f1e55fcae6c2356b8321c8b95b91ab
6c02b4d4daf27fa92211062a42b8d7dd83e3990d80aee07fdfe7b4f6ea093688
6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc
6c7c38363e66ec03f15212b1104ef4b1012d3a7faa9fa469805bfec9bc67faab
6de358422af840eb38540a661f530b7c321e6b3dcd1f3de4d3f080ce8483fa38
70549240fea1a10a4c0ec5804693af68a23eeaaff15c9cd1883c0138c81847e3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7263b3b4ed47729731b5fb49465dc396dd20e9e6763e08b6739af524e36ccb3a
729708ac8c6ca6ce7abb808820befce0414ed41d69125fb032aa8a976f4fc5da
762eb5f116e45d61febb9d50833a12f46d6b4a8f55d11632e0216e8e9c756c80
763cd0761b62739bfd6d1a7691912a5df24ffa75aeccc8a359b1a18d1e10c374
765c7620d49d4ff0bcbfd93e483622c6f1e643899d8f989438ed2efa209685a4
766420ea63a8c8a808c2a2bdc94f966788d0401c6e72223c86669c2b9f643403
77549be4cf8d631e29fe5cdce8f3bf0f65c8088a4aeec8d1a3b3f45753e9f1eb
779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85
7a0d66c275373a7ed8d783bcbf5ef7d3d7f4fc1cdc84b1cb354391f685fa4377
7a5efc58956be2fecb29a3adbad65173c6f93ac4c073d6d1cb0fb541fb487ace
7ab9e1311f35c6c3a1da2754a2f437d13ee78f688f9827b6e4d67ee8d1e3bde1
7b06fec9f38a9f06f22d70c2a669dd25732f6be0ce7be4101e5cbef94069a713
7b4c045a333aa20aafa2d673e88421d2bab9e6b8b92d194f3c26d32730607d27
7caef9f84beab92679cdbded0d01990b6b3148636252a74fcd1d40b14bfa14c7
7cdc3ea7df7d43a400e4a960f42b5b5a1eec72954f913178152cba160edc6f70
7d94107f619b79439af7ca7fde45f97ba80e6ab755ac912d17910d9aa62649a1
7ebb96737d10934759e7339c061dcd9a90798768219fb0b0dfa807b9947f2b88
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
804ea29f89a4ee9ffd331228146f72ebcaf7b6a9b54bda69eba8664042b703d3
8171ee44f13ec4122781a708bbd64978504f5b9f612fd5a2afd11d5b54479cc5
81739fd02bc2f3af1b68b7e43f4d3938467125bb562a2f179de94f61d0131f55
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8398298bd6429ac3587d9d2cdb1bf3d9d254cb36585aab6df858358918459e5a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85ba31fd35fbbc35097d2ba1b684761f458cd6b36d6bb66ca3197e280ea037e9
8618de4b08e95c0adb71ff82f37f57b8b6d94576d46990773ed1a782585e0fcb
867f05b525e309e835db6f09dba939aa9462520f709fd32661e0d46c589b4380
86a31713dbec777bafe8b67fd981ce6a4532cd2d1d08426b98f540a99383d1a3
8722ada450607b505db1eb8c53af912e4a931e48f436594bdd5cfa7ee9e565da
8b0310c5add70491a3bdd79d3c47638a99485919181613a3d8df35eebfa347a9
8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f
8c42f56902b30c8fcabe337e9af8b3fb5192647090c13b70aed65a84063a2396
8c973fc683837b2b8c9392b6c4115c52f98b8c8c74242b0a2cafa677c60fa1f4
8d2665898b44a14e3f06ffd4782a1ba8ca5d10f3ce66198e36cb2fbbdee7df20
8d599683f7ad896f528e1d4ad999b0b236660435b9276efa8fb36b181b7c7925
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e190a4d5edc1e768529b868e650ceea914c8329d7083c5af4c6b27045b10a72
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee7265b64ac36b1d161fd8a37bfd3143705c74f2567e73e7d3eb5b4c10da291
90f9e24d80ed6b524a281fe45747aa42e0a92dbbc95f8409f99414bb0f3e0ee2
92682f44d3bd2b5f569eb46a36ce6420db5e9075c1977d0f1a5590a7acbc8339
9272dca4a76f95ff45230dcb6f9f3001286c735a2d2ae3e88cb920d3ebe92f9e
93dfc6ad110c1e68a28d173f3b7f1ec26c4e532b70411af7b4a4b7515e92a3d9
95db6265c2c336d53707a24c7f8ccfcc921965c848f18bfc64988ddf4fdf8b75
963bd10345f70bf05d8735d5e33a7586d1c4b5e8a5b45861d36febe8be0d9af8
96c8e8fec3b7d6dc1fbd6595c6f4729c451f64b884c26786b3c0937c107d3a45
99313aa44054ac4338812d8221ca851fe204c8663379f3a158671b623f820af3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9bc2f45a9ad31d9fa83e70cc529d9aebfe732b00b79307add68b0e0aacb0631f
9bd3d93a32f0006043ab2fcad439202fc29f027cb39f7706565050d3f7accbb4
9c0f3b2b529b4701c795e6730f7d30e5554a657da839a0160ebe1cefb7c7f016
9c10b833e48d8d5539007bea8c010670e39582aa80bb4c3d1de7174e809f7f9c
9d341447828796fe3d9c13df41f7e1066f4cb4730571fe61c1bd6ac8df7e82fa
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
9e1a5ec0ec3bc28dfa98696e338c1bb7d63e2fe2c0ba6f547727e41e0611c84d
9e3c3c9dc24c88ba3faedd92493c57fffd88212868425c2d92895d7ee0fb1392
9e3e71d21592c456fce42d7ceb97f43d49828f0f9cf814ce54c1c62d09b62bec
9eba335d8cc9318be05e1b1e2e4be1fbdd5b0ff34bb7db6eee52b55f8714ed8c
9ee259715a992d48e57dcbddc0c9dfdf0eccfe9380fabb7e450e9e6275b49166
9ef507894e158a8ab8a838484903d74d5af958a72c0673006b842c58d930ecf0
9fe53095d8381a3ffa7042a8cf71204970cb81a0898c50345f821f5dc289ac3a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a198f092051a356c1e62c1296f628da5732045abafbd974eb7fff157e14ff042
a1b95607d3ea9371fb72c392e8ae3d77dd3a4a315cedacd47cbaa0d2b44a53b1
a1c5bcc6294dd4b6fcdb351ad81a69edfb6af657e3730a048ba5db532647248b
a2000abab5cc7c611a70982a43702aa7d8cc0cc151a35eedc47b7589e45bf141
a20cfc6a4b1073b01343e6adfe938d7928e99fa3024ad8ad322babf87fcad877
a22a7d81feb9689bb8ce323b6b3b699af6915353871ec89672e78a0d7eade416
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3d24df0276b0464a135604980e283f1403e523f4edbc3bc7f4d914e58a6d662
a421da0f44c56dcfa97754784f92a621171e2277fac78ac1754475ff3a090775
a48c051360874229ff2d95af5872d7759625a1ad198862174a41db7be86edd88
a4f003edced4cacc9a7c4e34b3582c59acc7645668565a7e83493eb37c1a11b0
a57205464cec8887c2438d7a2c3ca62bfb07d6511a1a1d6ded75a392e3e553b5
a620d0cc0e199b13300d4e785ec1a202189fcca6d647dff49611c5513cf419ad
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a860e393a22f7cd34a28120e6b5f9bdc433a1eeda614b995c6c22b395afcfbe6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3183e958055ef291284e024b039f014739fc7ff716ada502869caef88a916b
aa5ccfa44693677c27c43701013beeb8226d8f3f112f89d64f87a7c3fc2ca6ad
aa7d5858f776d295f1474635ddc68f42619cd2630e00067b501d2dd076841b94
aa9b83421ee1d50fff5a187e72464ea8bd33d44171ee8ceb70e3e2ab77de0b45
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aae17ed54715ee4ed0661ff7fd517caee68fce587880e75a6abfbcb4c425d7ad
ac25fd37238e5c654fb1e07f986a2cfc6b0c11bfe555111e89203a745091f526
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5ae4e90f652e290a7ace39165b2ab0bc927a7d1eeee190920f9d2167e51468
b0189b1039f977291afe59ba58d7a3191e9876cf23fbb3cad0511c58bba17f45
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b193a324a396bcc81ae71c1d9dd6b2ea4ee5286c4ed7a01095752ef613e34cb6
b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1
b241c919ca18ac130827cb50fed4b1958a6a76a788863012cafa7feab3bb847a
b30c7585cffb26187b198ab10d4dced54f117b46767a3991eb7d74dd948fd44a
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
b37204b03ea6e49d045e6b7cf7d63ffe8e7c7546c0198c079e8447207ae7c25a
b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae
b463c6f820fa79b1fd799921ab71bb0fe73ca13435e89301eb719cab252c6399
b4dc6fee11e954ec8a8ee44c16262522fa640ca7c5c2217768730a63fc1834e2
b6dc70edcd8c8afe15597c78ae9d5356a284cff2545bcd161887652096f1caaf
b9525cf1689e64d66e6f6976db0f3f438a0390479356f50d3b691f09b79e28c2
b9a90fb11d79c9ad4ae5ddae484766bb0d8022e8c4591ba4bc1e427f0e0c5b60
ba4dcf97528b4ec5f358e08b898cbe26b3328da0a8c9419e12b0fceac4a4fef4
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bac5662f4ad8d16fb814c4342ef93a7e8063b08bb95401348037f7aad0c64235
bba2d5622e1a33c1bd924e07f396c234a390f0bf9bb5fd1394521df422ad3607
bbacf79a0487b5ca46e1db609f45d1a0d99b0b72cf925a3a23b4ec365e382138
bbcfee4415ada3401a48af8754b6665e8ed93d6dde71524c26558a66587de75d
bbe0f0802e8fc34a84bab940521a1d7a7764079ac32b4dca16149480ba48c5a6
bc0a9a90d0c508f976a1b8016e92ccfd5bce1bd91dc7328e77934f9a3a6efe02
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785
bd885184bbf28bda8e8434ea3f41d2c05c1c27bba62a347c18c01216bab8afcf
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
beabe65680c8743ac2c03b469d77be5bdd4746db71a57352d44924991109fa65
beb263e245a0a8266be08c6f1160fe2209422f230b160d4d761d03fd1cddea8c
bf3f4b159c85e41976ee8d51206226156f7b2bbe522a960dc2c216b46b68b0cf
bf697114dd633c58fe855a69520269c12914780e7d230bf3533a63187124d15a
c09d6f1fea7d0ab9cf3527b9854cfd80cb5d3b01eba9c254fc48192c9ca27442
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2b2b12366bd3469f087ada638386546ccff9813189618ae4682a0726879b3e5
c4085bc8c0b8cdb308147399e12152a808f552c700af0fe15f8059727b3053e3
c44ffc6fd468ec88d421a3c6c581263ba38e93702ca14a7aaf32edebfc5a71e6
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6b4a11051615beb12829724eb8ae535ed1f1a91d671fb3bb129362e4f7b7089
c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9c9ba61f31b08a24ae47433bff0ff11265be8ba677a0958a9d942fce7742064
c9dcf051262f5b0d6ed8d2a5040014d1d74c2c068a8aca91add3b444c04da8ec
caee74d1c6a6f53b48e04d718406fe307b4f664756ef0653a902664223f9aa95
caf2558c473f0989ccb9e45da327c56bb9f877da13fe442adc10644d75e2f1d9
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cbad99800f156d997c270eafd59d06729d93aeba8c0df6a12b5f54495682b3cb
cbd36d2ab30fc7adc7edcb3bd976822d9800a95a5237dacc440afcefff20bbbc
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cddd8db63d37296149b01b30ad184911700178f66400f45d2d13ac6bb76f3454
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0ead2fe4bf756879574711a9c1d4566156982ac22991d319924f43820fc5493
d15a9f06b04bc011a38af07d49f784b832546963ee6c185c2e9b4ec1a7a20bea
d26836b464990120c8c1eface5c25ad0b1633ce885e68850d54d9e18493d45a3
d31b63e51fae01d7c59c211f49aed288b3c140c0968fc650072790c95322ed51
d3b643c6fee35ecb0c5729a591b1e0858b7ed968abac731317a1b70fd81db6f5
d4ed98afdf07c26938026bc4321a292270ab5e88543721eb3742bdee15e7e522
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
d618843c31c66d3e42e50b14f669b11502635d75b28159f8b76e60a8491efa8e
d74d57cb632e45f92fdfdfef67aa1548bc89035ee31dc0f8883593c372d7beeb
d75469cc2ac7f959e2c765c2dccc9884c09457cc3f1c9c17457d195593f76744
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d8f67c15ef1136522d80b265ec52d3eea969960885ff6a99d40ccef0e3809c5e
d9282c8665a36b0dc1be6b80ff0d9ff1bd7e13e90f21b54c2f2ea237343c31dd
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d982781caeacf01cd9b0ec341c0da72a535340d7d023f46d5f8ffc547c9774cb
da4a76da2f7b8699744313947182d57adebfbea051b931c01df1f73e41d5ff33
dbae3d9f0c37e5e2c5e02029f51baa7c02771d105a3981449c1bdbbfa20c795f
dc12b4a709b8fcc97e0d3e88bfabd05ea578cc1c20b3d06be15491fe2ff51b2a
ddba1e155e8c600a48ef22cb8ca49dd31b33239b325cbf56cd99fe91452cf899
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedf422240f5f1efdab9fd13ad1f360950ac83b49113a100f66dff3e70e7fe2d
df83d1810776ea1effd8a536f0ad32f5a400168a2efaa48c97c1fcf57724900a
e048207576a53281ae094c062f13dbcd6da5f9c8cc0ea82cf2dfe70e4bb192d0
e06a01ff863b19fff735f26c582b800ca396ec26df4fc6c8031a8f3caaa4c9af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e0f3c9a6b77b3794c51fdc76582138a07e4d9cd60109a7bb483a6b07bd7ae681
e26f63c7951e4e5c23aacd31b81740b37a4231d96f6d63b90e0a980f10f4f0b2
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e363440be15ee4c35705349e539cbd41a4578bf7ecd845375f183a294f8d00f4
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fe8ce38a6fdd7a8f83f1fa025073e57e936776a5072d6e87af5796822339a0
e43320aaa3bada157e822806b18d8fe04a405689a100b7dccbdd4e460013625a
e45890c6677e347859c6190acbfb721d161b02e583983b098d8271b8f7420345
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5aedc8850b65270522a00e0f6a65196ec804be7ae19531af2b137cd0df7ac30
e646c7c6285a4fccc8d57415f2884544c30630dfdee643ec13d45ccbe00c8c1a
e64b003b98d7e4351548c7526e745806ebab5ab41dd02fe9df4bbe89b6b013e5
e64ffcbfadf8294589670bf28de0f2318eee59c3628665d2308a04b52d21a7fd
e8856ded00ce50cc8754d3542bc82d67e305b3c3b2cf49fb3fb0ed2303e99d50
e88c4ce8b99dac8de2594f7c0a54464d67b1956907170767f2cd2994fdd99cca
e9156d1c5d6bd67e709d7a771a7a3a613ae5f6a6e3a075b00633a5c5c0ae8ac2
e9817ff441c7044f2d126a3e12b02f624bd2fff669e3f6092d9c92324313df13
e9a1fa7591150bd552bed896336f2f25c63fa60117bf5b2d248d305cec07b1f4
eaeb1ab013aa8b43e9d1f6d7fb3c9908efe4eab632422dd6b1e730f1b55b2b32
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed1923c11bbc7476e5d70e84dc04a17d81d54a919c355280da0e3bd7b7697040
ed5bea79c41b8f448aa42f5755008b5f30b95b7000fd2ba92af1fa9786d45e01
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
eede9245970d735974ed35d0a0277697e88e9c61501c92a0c321c047f5f73596
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef918d23e0eeb1e38b4fc70e16aa0df3aa740065c3b289e916f912d7ebe2db22
f05b6f9877fc4a3f9b4587aba72a9c63c60ce1e26398993498187816366de818
f185da3274e362e135ae9d326d16d6c5dd44304cfd3f7b6bbb0137b343d8147d
f1f8b6a42e065edab2d0d8295fd863984911f254b7f15e75cf6312e7358a642d
f20aa3c1f32442a08428b3f922e78848c790294e3acb607322a235c1ad7fc9c6
f20e0c17371bef7147fad31652e68de3b17aaadc0ec06943e6ca0b2b114a4717
f2a78ec0800976a7fbcd2f14881e6be9588f6f95d7e2ebcae41236f6ecfe3206
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
f47b64b8169907ea1a254f965d4dc5c9beca20fedf8feff5755e748888ce9062
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5cd3a54de349377b233cc931083c61ee36b0cd3871cce77d19e42995e03ec00
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f76497733ef6f4fb58df25411bbe8d536cc84920c3969b1354248a565ab8bbba
f78dc703ae379aa7ec8fd6cf32ff98f12277b91fd61ecfaedcc14d555dcda2d0
f861d5bcbc15a01cc2ba0e17b8766a8712464d894ff3d6bd56f7ffe263a0c98f
f8715083a2a168b3a2302f567b7edf3a33736e5375521b044b4b76384273359d
f880ef6584845869e5d81b2960b8eb81ec470b88ea8859dd75a2ef80f56fe8dd
f89756e4d7e60af4f081d9ea1194de02563b4a6b122f69cd489b2da3a47b6b6d
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fb817e37184d03003484ba326a1bf5b9a030187d8cdb96bc00a6b139a67cb4db
fc5e78f2a9559d219b2da52930c2a4cdde5b20db54fc08f49c0ff7c6569499ec
fc9c5e55bc320b5ca4f22e6d9b04317f0cc0159644536039e417628093580721
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fda5a8614b80b9cba81b453b220c0669749064ace87b6b2e4d675631ed0099c4
fdb3a5f6e3182c980503f12c3b7d7a6cbbf899db34df26816ac905acb58f7cdb
fe323be619a76d7dacbca4174b9382f8af50f43b32dd5a95c5a9b993cb93b380
fed1fe335efc5c4d02830390975dcdd195f7eec3621be8936b7e9d1f29794381
fff28980f0a4e5ecb8b5c40070eabc7352939f2755f8d423846e7cfb6a725c48