www.zahav.ru Open in urlscan Pro
143.204.98.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zahav.ru/
Effective URL:
https://www.zahav.ru/
Submission Tags: tranco_l324
Submission: On November 24 via api (November 24th 2021, 7:12:48 am UTC) from DE — Scanned from DE

Summary HTTP 356 Redirects Links 140 Behaviour Indicators

Summary

This website contacted 71 IPs in 12 countries across 51 domains to perform 356 HTTP transactions. The main IP is 143.204.98.65, located in United States and belongs to AMAZON-02, US. The main domain is www.zahav.ru.
TLS certificate: Issued by Amazon on May 26th 2021. Valid for: a year.

This is the only time www.zahav.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	143.204.98.108 143.204.98.108	16509 (AMAZON-02) (AMAZON-02)
11	143.204.98.65 143.204.98.65	16509 (AMAZON-02) (AMAZON-02)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	216.41.223.54 216.41.223.54	33570 (CLOUDPATH) (CLOUDPATH)
4	2a06:98c1:312... 2a06:98c1:3120::15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	167.71.79.41 167.71.79.41	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	185.162.125.103 185.162.125.103	44709 (CLOUDWEBM...) (CLOUDWEBMANAGE-)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2bb::f33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2606:4700:303... 2606:4700:3036::6815:43eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	193.150.127.23 193.150.127.23	56839 (DABLTECH) (DABLTECH)
16	91.226.245.88 91.226.245.88	56839 (DABLTECH) (DABLTECH)
7	104.108.145.107 104.108.145.107	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a01:7e00::f0... 2a01:7e00::f03c:91ff:fea6:3b6d	63949 (LINODE-AP...) (LINODE-AP Linode)
14	104.19.217.61 104.19.217.61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	185.162.95.74 185.162.95.74	41722 (MIRAN-AS ...) (MIRAN-AS Miran DC)
1	143.204.98.97 143.204.98.97	16509 (AMAZON-02) (AMAZON-02)
7	143.204.98.113 143.204.98.113	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.101.73 143.204.101.73	16509 (AMAZON-02) (AMAZON-02)
24	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
8	143.204.98.3 143.204.98.3	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:80e::2014	15169 (GOOGLE) (GOOGLE)
1	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
6	104.108.145.205 104.108.145.205	16625 (AKAMAI-AS) (AKAMAI-AS)
2	138.201.55.248 138.201.55.248	24940 (HETZNER-AS) (HETZNER-AS)
4	82.148.14.195 82.148.14.195	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	146.185.195.90 146.185.195.90	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	143.204.101.191 143.204.101.191	16509 (AMAZON-02) (AMAZON-02)
10	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.108.144.214 104.108.144.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 4	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	84.94.227.80 84.94.227.80	12400 (PARTNER-AS) (PARTNER-AS)
9	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1	82.202.225.240 82.202.225.240	50340 (SELECTEL-MSK) (SELECTEL-MSK)
5 12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	54.77.121.55 54.77.121.55	16509 (AMAZON-02) (AMAZON-02)
1	138.201.55.245 138.201.55.245	24940 (HETZNER-AS) (HETZNER-AS)
1	88.212.234.125 88.212.234.125	7979 (SERVERS-COM) (SERVERS-COM)
2	88.99.129.243 88.99.129.243	24940 (HETZNER-AS) (HETZNER-AS)
2	88.212.252.73 88.212.252.73	7979 (SERVERS-COM) (SERVERS-COM)
54	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
7	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
2	185.170.60.152 185.170.60.152	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2600:9000:215... 2600:9000:2156:5e00:6:834a:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2606:4700:303... 2606:4700:3039::6815:c08f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::ac43:db26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:2400:6:834a:a040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.19.134.78 104.19.134.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.108.144.200 104.108.144.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2 9	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	209.54.180.144 209.54.180.144	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	54.205.198.81 54.205.198.81	14618 (AMAZON-AES) (AMAZON-AES)
1	52.202.47.217 52.202.47.217	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	52.212.5.244 52.212.5.244	16509 (AMAZON-02) (AMAZON-02)
356	71

1 143.204.98.108 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-108.fra50.r.cloudfront.net

zahav.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 143.204.98.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-65.fra50.r.cloudfront.net

www.zahav.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.valuad.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.41.223.54 (Stamford, United States)

ASN33570 (CLOUDPATH, US)

images.newsru.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::15 (United States)

ASN13335 (CLOUDFLARENET, US)

detaly.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cursorinfo.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nep.detaly.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.79.41 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

mignews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.162.125.103 (Haifa, Israel)

ASN44709 (CLOUDWEBMANAGE-, IL)

www.9tv.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2bb::f33 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.files.bbci.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::6815:43eb (United States)

ASN13335 (CLOUDFLARENET, US)

pogoda.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 193.150.127.23 (Israel)

ASN56839 (DABLTECH, IL)

doska.zahav.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 91.226.245.88 (Israel)

ASN56839 (DABLTECH, IL)
PTR: dabltech.co.il

date.zahav.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.108.145.107 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-107.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a01:7e00::f03c:91ff:fea6:3b6d (London, United Kingdom)

ASN63949 (LINODE-AP Linode, LLC, US)

freecurrencyrates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.217.61 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocounter.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.162.95.74 (Russian Federation)

ASN41722 (MIRAN-AS Miran DC, RU)
PTR: ads5-2.smir10.imcmdb.net

smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-97.fra50.r.cloudfront.net

ecdn.analysis.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-113.fra50.r.cloudfront.net

ecdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-73.fra50.r.cloudfront.net

d2xerlamkztbb1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.98.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-3.fra50.r.cloudfront.net

img.wcdn.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

hb-dot-valuad.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.145.205 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-205.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.55.248 (Fellbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-2.sfa65.imcmdb.net

static.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 82.148.14.195 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: sm-server1-1.ssel25.imcmdb.net

stat.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.195.90 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: target2-1.ssel24.imcmdb.net

target.smi2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-191.fra50.r.cloudfront.net

d221oziut8gs4d.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.89 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 84.94.227.80 (Tel Aviv, Israel)

ASN12400 (PARTNER-AS, IL)
PTR: dana.spd.co.il

jackkuba.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.202.225.240 (Moscow, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: smi2adm2-1.ssel27.imcmdb.net

smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.77.121.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-121-55.eu-west-1.compute.amazonaws.com

tracking1.firstimpression.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.55.245 (Fellbach, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-1.sfa66.imcmdb.net

static3.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.234.125 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-2.sser4.imcmdb.net

static4.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.129.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cdn4-4.sfa66.imcmdb.net

static5.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static2.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.252.73 (Russian Federation)

ASN7979 (SERVERS-COM, US)
PTR: cdn4-1.sser5.imcmdb.net

static8.smi2.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.170.60.152 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a2121.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:5e00:6:834a:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

trendads.reactivebetting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3039::6815:c08f (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:db26 (United States)

ASN13335 (CLOUDFLARENET, US)

trendads-swarm-api.reactivebetting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2400:6:834a:a040:93a1 (United States)

ASN16509 (AMAZON-02, US)

trendads.betfindr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.134.78 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.108.145.8 (Berlin, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.180.144 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.198.81 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-81.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.47.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-47-217.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.5.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-5-244.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	764 KB
60	zahav.ru 1 redirects zahav.ru www.zahav.ru doska.zahav.ru date.zahav.ru	1 MB
36	doubleclick.net 7 redirects securepubads.g.doubleclick.net ad.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	226 KB
22	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	187 KB
14	lentainform.com jsc.lentainform.com c.lentainform.com cdn.lentainform.com servicer.lentainform.com s-img.lentainform.com cm.lentainform.com autocounter.lentainform.com	83 KB
12	firstimpression.io ecdn.firstimpression.io cdn.firstimpression.io tracking1.firstimpression.io	107 KB
11	adform.net track.adform.net s1.adform.net	71 KB
11	google.com 1 redirects www.google.com adservice.google.com	2 KB
10	casalemedia.com 2 redirects htlb.casalemedia.com a2121.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	20 KB
10	freecurrencyrates.com freecurrencyrates.com	152 KB
9	googletagservices.com www.googletagservices.com	327 KB
9	smi2.net static.smi2.net smi2.net static3.smi2.net static4.smi2.net static5.smi2.net static8.smi2.net static2.smi2.net	103 KB
8	appspot.com hb-dot-valuad.appspot.com	192 B
8	wcdn.co.il img.wcdn.co.il	108 KB
7	ad4m.at ad4m.at as.ad4m.at assets.ad4m.at	43 KB
7	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	40 KB
6	reactivebetting.com trendads.reactivebetting.com trendads-swarm-api.reactivebetting.com	87 KB
6	ampproject.org cdn.ampproject.org	119 KB
5	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com	20 KB
5	google.de www.google.de adservice.google.de	2 KB
5	smi2.ru smi2.ru target.smi2.ru	9 KB
5	pogoda.co.il pogoda.co.il	10 KB
4	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
4	stat.media stat.media	29 KB
3	detaly.co.il detaly.co.il nep.detaly.co.il	299 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	jackkuba.ru jackkuba.ru	9 KB
2	openx.net u.openx.net	414 B
2	cloudfront.net d2xerlamkztbb1.cloudfront.net d221oziut8gs4d.cloudfront.net	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	demdex.net dpm.demdex.net
1	mathtag.com 1 redirects sync.mathtag.com	683 B
1	adentifi.com rtb.adentifi.com	88 B
1	extend.tv 1 redirects sync.extend.tv	546 B
1	adsrvr.org match.adsrvr.org	265 B
1	mgid.com cm.mgid.com	686 B
1	betfindr.com trendads.betfindr.com	5 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	googleadservices.com partner.googleadservices.com	278 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	pubmatic.com ads.pubmatic.com	81 KB
1	analysis.fi ecdn.analysis.fi	2 KB
1	bbci.co.uk c.files.bbci.co.uk	2 KB
1	cursorinfo.co.il cursorinfo.co.il	138 KB
1	9tv.co.il www.9tv.co.il	217 KB
1	mignews.com mignews.com	38 KB
1	newsru.co.il images.newsru.co.il	140 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
1	valuad.cloud cdn.valuad.cloud	192 KB
356	51

	Domain	Requested by
48	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.zahav.ru 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com tpc.googlesyndication.com
32	doska.zahav.ru	www.zahav.ru doska.zahav.ru
23	securepubads.g.doubleclick.net	www.zahav.ru securepubads.g.doubleclick.net www.googletagservices.com
16	date.zahav.ru	www.zahav.ru date.zahav.ru
12	pagead2.googlesyndication.com	ecdn.firstimpression.io pagead2.googlesyndication.com www.zahav.ru www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	www.zahav.ru	www.zahav.ru
10	freecurrencyrates.com	www.zahav.ru
9	mcdp-nydc1.outbrain.com	widgets.outbrain.com
9	googleads.g.doubleclick.net	5 redirects pagead2.googlesyndication.com 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
9	www.googletagservices.com	securepubads.g.doubleclick.net 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
8	hb-dot-valuad.appspot.com	cdn.valuad.cloud
8	img.wcdn.co.il	www.zahav.ru
7	track.adform.net	cdn.valuad.cloud s1.adform.net
7	www.google.com	1 redirects www.zahav.ru securepubads.g.doubleclick.net 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com tpc.googlesyndication.com
6	s-img.lentainform.com	www.zahav.ru
6	cdn.ampproject.org	securepubads.g.doubleclick.net
6	ecdn.firstimpression.io	www.zahav.ru pagead2.googlesyndication.com
6	widgets.outbrain.com	www.zahav.ru widgets.outbrain.com
5	images.outbrainimg.com	www.zahav.ru
5	tracking1.firstimpression.io	ecdn.firstimpression.io
5	pogoda.co.il	www.zahav.ru
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	ad4m.at	s1.adform.net ad4m.at
4	trendads.reactivebetting.com	www.zahav.ru trendads.reactivebetting.com
4	s1.adform.net	track.adform.net s1.adform.net
4	odb.outbrain.com	widgets.outbrain.com
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	ib.adnxs.com	1 redirects cdn.valuad.cloud acdn.adnxs.com
4	stat.media	smi2.ru stat.media
4	smi2.ru	www.zahav.ru static.smi2.net
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
2	cm.g.doubleclick.net	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	js-sec.indexww.com	cdn.valuad.cloud ssum-sec.casalemedia.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	cm.lentainform.com	jsc.lentainform.com
2	trendads-swarm-api.reactivebetting.com	trendads.reactivebetting.com
2	fonts.googleapis.com	tpc.googlesyndication.com trendads.reactivebetting.com
2	mv.outbrain.com	widgets.outbrain.com
2	a2121.casalemedia.com	cdn.valuad.cloud
2	static8.smi2.net	www.zahav.ru
2	jackkuba.ru	securepubads.g.doubleclick.net jackkuba.ru
2	2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	u.openx.net	cdn.valuad.cloud
2	mug.criteo.com	www.zahav.ru
2	gum.criteo.com	1 redirects
2	static.smi2.net	smi2.ru www.zahav.ru
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	jsc.lentainform.com	www.zahav.ru jsc.lentainform.com
2	detaly.co.il	www.zahav.ru
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	sync.mathtag.com	1 redirects
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	sync.extend.tv	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	acdn.adnxs.com	cdn.valuad.cloud
1	assets.ad4m.at	as.ad4m.at
1	cm.mgid.com	www.zahav.ru
1	autocounter.lentainform.com	jsc.lentainform.com
1	trendads.betfindr.com	trendads.reactivebetting.com
1	servicer.lentainform.com	jsc.lentainform.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.lentainform.com	www.zahav.ru
1	c.lentainform.com	jsc.lentainform.com
1	static2.smi2.net	www.zahav.ru
1	static5.smi2.net	www.zahav.ru
1	static4.smi2.net	www.zahav.ru
1	static3.smi2.net	www.zahav.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	smi2.net	www.zahav.ru
1	htlb.casalemedia.com	cdn.valuad.cloud
1	cdn.jsdelivr.net	cdn.valuad.cloud
1	ads.pubmatic.com	cdn.valuad.cloud
1	www.google.de	www.zahav.ru
1	cdn.firstimpression.io	ecdn.firstimpression.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	log.outbrainimg.com	widgets.outbrain.com
1	d221oziut8gs4d.cloudfront.net	d2xerlamkztbb1.cloudfront.net
1	target.smi2.ru	www.zahav.ru
1	widget-pixels.outbrain.com	www.zahav.ru
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	ad.doubleclick.net	www.zahav.ru
1	d2xerlamkztbb1.cloudfront.net	www.zahav.ru
1	ecdn.analysis.fi	www.zahav.ru
1	c.files.bbci.co.uk	www.zahav.ru
1	nep.detaly.co.il	www.zahav.ru
1	cursorinfo.co.il	www.zahav.ru
1	www.9tv.co.il	www.zahav.ru
1	mignews.com	www.zahav.ru
1	images.newsru.co.il	www.zahav.ru
1	www.googletagmanager.com	www.zahav.ru
1	cdn.valuad.cloud	www.zahav.ru
1	zahav.ru	1 redirects
356	94

This site contains links to these domains. Also see Links.

Domain
laps.zahav.ru
weather.zahav.ru
mnenia.zahav.ru
salat.zahav.ru
tourism.zahav.ru
avtomir.zahav.ru
karman.zahav.ru
links.zahav.ru
www.newsru.co.il
detaly.co.il
mignews.com
9tv.co.il
cursorinfo.co.il
nep.detaly.co.il
www.bbc.com
smi.zahav.ru
date.zahav.ru
doska.zahav.ru
newsru.co.il
www.mignews.com
www.9tv.co.il
nep.co.il
www.outbrain.com
loanpride.com
www.hausfrage.de
financeblvd.com
goo16.com
shefence-citional.com
9636fe.nmptrkgqczwgnrb.com
www.postfun.com
editorsnation.com
sportpirate.com
forschung.aktuelles-zur-gesundheit.com
carsandyachts.com
dcx.walla.co.il

Subject Issuer	Validity	Valid
*.zahav.ru Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
valuad.cloud R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.newsru.co.il R3	`2021-11-14` - `2022-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-12` - `2022-08-11`	a year	crt.sh
mignews.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
9tv.co.il Go Daddy Secure Certificate Authority - G2	`2020-02-18` - `2022-02-18`	2 years	crt.sh
www.bbc.co.uk GlobalSign RSA OV SSL CA 2018	`2021-10-14` - `2022-11-13`	a year	crt.sh
doska.zahav.ru R3	`2021-10-19` - `2022-01-17`	3 months	crt.sh
date.zahav.ru R3	`2021-11-04` - `2022-02-02`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
www.freecurrencyrates.com R3	`2021-10-20` - `2022-01-18`	3 months	crt.sh
smi2.ru R3	`2021-11-09` - `2022-02-07`	3 months	crt.sh
analysis.fi Amazon	`2021-01-03` - `2022-02-01`	a year	crt.sh
*.firstimpression.io Sectigo RSA Domain Validation Secure Server CA	`2021-11-21` - `2022-12-05`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.wcdn.co.il Amazon	`2021-05-27` - `2022-06-25`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
smi2.net R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
stat.media R3	`2021-10-08` - `2022-01-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
jackkuba.ru R3	`2021-11-08` - `2022-02-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.betfindr.com Amazon	`2021-01-15` - `2022-02-12`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://www.zahav.ru/
Frame ID: 168E85703D981B87D3683D10DC2192DF
Requests: 108 HTTP requests in this frame

Frame: https://www.zahav.ru/currency
Frame ID: F54F32E6D42D8BDAB76D0F55B6C7D34B
Requests: 12 HTTP requests in this frame

Frame: https://www.zahav.ru/lenta
Frame ID: 989760411E195C01AF88997BB65AE8B3
Requests: 12 HTTP requests in this frame

Frame: https://www.zahav.ru/mirtesen
Frame ID: 7099AA9E4021BD50B200FCB1CDA82720
Requests: 19 HTTP requests in this frame

Frame: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Frame ID: E4C0B50B159642615AAB7725260A515D
Requests: 15 HTTP requests in this frame

Frame: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Frame ID: 3D1960D553E7B34DF4ECFF5BBC7C8590
Requests: 17 HTTP requests in this frame

Frame: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Frame ID: E251E1C3B2AD5C69A54D3EE96AC297C8
Requests: 8 HTTP requests in this frame

Frame: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Frame ID: DC0D98BC4308E520F5579D3B0218DA22
Requests: 8 HTTP requests in this frame

Frame: https://jsc.lentainform.com/z/a/zahav.ru.684064.js?t=12110247
Frame ID: CDFA2BC20AA813D72920B85F38436989
Requests: 3 HTTP requests in this frame

Frame: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4B6795CD62493F860B5F2F45C878CADD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0NHQNpoBMPApm5Iw4u578mDzGQQHguAJ2qxrUseX9rZeBfLh5IuoO4mkT1BQcOpkZH1Rqdxb9omUsQq_nLUKmvewuLwbLQtUehu4w9fyeJb4g-faPDc6XGqikRkg7URUO2D8JPFtRMcdPk6JnJ7WgDqdXQRZGbpO7qJTzA7SNYrBPEJYJiefGWjCO9_mfxCCxMSh70RVa9XIcktIgmyFcV8kDeRotciQQQ7xyZsXBtCco2y3cDKU8QO4lWQpht-t4uMqJZ8XZDf3uel_KvssqDmqNqlLo9xAfLGs_Y88rfKoP4aRgNu2_6UC36T6QIkU3NXdITgub&sai=AMfl-YTLYPlXReI-LafYD2w-tulGBLoa6OsmRiPzZGSfkmQGCr_2msuSV6hekfu855X6bsOoAtaTHRn62veEqKGBC2sV98nDy_fAIRYAksuvahz8hnIccsj9WE1Jc9F83lqX&sig=Cg0ArKJSzP0yTrZ7LlnqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A53635FF14317EF3773A55CD478CF9F7
Requests: 4 HTTP requests in this frame

Frame: https://jackkuba.ru/zahav44/index.html
Frame ID: C62A4F2D9514A221D3D522B07BB09602
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html
Frame ID: DEB3CF6FCB044C0C39318220003647F2
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=8
Frame ID: 2520D4603E14CA7487008BA953B83B16
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&adk=1812271804&adf=3025194257&lmt=1637737962&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zahav.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637737962413&bpp=1&bdt=1127&idt=95&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce710ba4f546328f-22a4df59f6cb0084%3AT%3D1637737962%3AS%3DALNI_Mb3yIhR0Rdvd8unC6wYMa6xx0TvlA&prev_fmts=300x250&nras=1&correlator=3512372123541&frm=20&pv=1&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063796&oid=2&pvsid=432946270986874&pem=447&tmod=1101712990&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&dtd=102
Frame ID: D1AE759AAC326B960DA57F4590633DF6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGi6aCwIIxweLk9TBpTW4NfvY7vX50ahQhIv0oZDpyVBbGlkrDIgYE0CapYXFVcv5ge3ZJd9NRobHUfOnBCVIkMOL9XYcDFg_cDgeXPG9H81iX8PvCdubWK5rg-UHe4tDt-u7PNlWhxYQcmiWCKlqhCFTUbFDfqkyQ4xyK61Q1CEXvmw1rybER8nUYNPVk8n-mVun7bzYa3yESTiCx2GE038Vcytl7BDKIiqdEKtUnCFM_tBEfPAB_iNVMG-Mrs5p9-c05QbNrTH8gEvQT6HzZcztgdd0E1wTDNYzUN7vgrfGGCC6PiCfaiwkPOa1xsTB1IA&sig=Cg0ArKJSzDxsHEqsmqtfEAE&uach_m=[UACH]&adurl=
Frame ID: 46BD2769FF03625DEAB83E076E2A99CC
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrpTxj2yAbCitAFEt4aWYcu4SoO9sR1PQ0kQKCsgLFBH9_H8rd1s0I3yyEs2fl3PiH0NAtfjzTZ_x2RPQ207TyAmBzfNx2Ahn_nBpBjl67FN_acUc5W8sXWXLgQOsNKO_vWTTSBZj0GF7A8awa6jBGodNHps7YL6i2mO2UU_5lAXkCbvjm8wqN07iLlthBMAHSrjKtUPTGY_LJpnZGlaSbUv9kqlwcbuXGepwEeEwmXnfbOQol4in5meIQlpm6gxRGOsSrwB3bu5t_6ea7smZUgeuQeb-pem7NZzILPUIqTe44XI_vtRH8JFCKCrex802zOeVQ1xbUvag&sig=Cg0ArKJSzG5lH2pE_3WqEAE&uach_m=[UACH]&adurl=
Frame ID: 946B50E243B8859F5E160B91C0548E70
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfiCu7gzU5JA1l8OJPjiMUl-XORL0MaPy3kJUPHJQgWtyxKk7wJVYMnDrgHPgCGdDNXFkUcVmmlP_0hiA878neWP7oebeBYYWQ3PMdFeLUAixRBSEXsOl7igIsgaLsdFxLUTH8Wq2YwdXD9OGlaxMOAGN9CdynkWBmE71ThCdL6v7LZQ86voOCzAexD1UzBOlJD5JNwZSyP1Ez7daOiX50x7oE496UlAilsuCCbJYRrC6u4K8lj493V32yMuCPHRDuTPA_eRTvVOjv6VcjD78PbiS9xvyLPBJc_ofXlbK-88F5xF53-1zBvtrRGyi5lumQauQLga9DWg&sig=Cg0ArKJSzIVqJd96dsBeEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B90451C32B8BDE2E4ECDCBA58173125D
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 17F0F08C2DD2F45A5F4FE0B92924CAF2
Requests: 25 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5MKy_PRZx-966PUiU9tfUShesncK9Ow-R--9RpcwxbRy475hU45l6RfLbMW0lUneQGYB00SxOEhQJ5JIiKEOkyvQcqzMhr2dVC4_gZ-x81qOfX6CQX3LSWISm7_z5dr2WoDav5jSMatea3TXM6T00maKU09gI9W9VZTj-ImxVEBTB-aJT32aQr3yX0isGYEzBUAOzeg8eUZvgHH-EIbXk9zDKY0oRSdcccTv0uveW-Keo_vm4BMTrLHusP9wmVABn3xQEvJTf6mnxG0bMAfV_ggXw8H4rVn8bCimKYurFen2woqmEoSpleEvIM9LCsDn6Q_VG-pU&sig=Cg0ArKJSzFL3mhE5XvWFEAE&uach_m=[UACH]&adurl=
Frame ID: 9FEEEE1D8C91A92AECDC06F29888E175
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0QY0B7zNr8PMs9PCqdU5zOZQD-BqaJZZG9sWEIT1CWO7ihPWUO9Xzejr4BpJs1HUBNROYadZ1h4mh6krMgL0kWfuKwaixiDtQyAuNh9FXe5wzRJR62PUxbdYRSUIY-1dot-pUwgMOU3UZlNTDHD301rg5f8B_SRcG_NQZKsRe0NqnXlC0t6UaDrrl6Cr1uKB65NyOuxFoeCpSN2KLT6tZoV6Mk1ncVrd988md2T6SGYxos7yBXkLKp_kyxriggwoqrwV6mkWGtqz3HDQQ7Ame-_xBvRasliehWRNDqzHEctcbttvFpGgVQxyZoQ&sig=Cg0ArKJSzJctatbRK4KREAE&uach_m=[UACH]&adurl=
Frame ID: 575EB75F7BBA50D1E1134CA676B6FE50
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9IdjK0pcXSgJjZUJIJXMnyzAPM9WbF5190rDedeB3hetkUKP5aTetAyNcrDCrJwhMzDDTGuuAHrj3w-VudPTtMerOLTW3iMc4T79nfqtxx_kT5XbvAeXCWB0RQIUBZudLAqUaAC5raHLOfCQ7HbuXf1LILv4QiGt90MITSsKUDKHq2lG5eSG-c25BrWuDH46t2ig0AWcB-2NEYjnFtb5zbyDVIxKefpdJ1pvrFiw6tbBFJGueeZChMCQwMue2BphScYKlUCR_d1T3QxwuOXyN8fFhUvGI1isK6b_2bTwb70d1L9QTKVmrzyzeliXv_drvKwqd&sig=Cg0ArKJSzJuF12-2uAvuEAE&uach_m=[UACH]&adurl=
Frame ID: F915AB90773B45BE9A805AED2710FCA6
Requests: 7 HTTP requests in this frame

Frame: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D19FA4BEB67133D756C0A1935C097E8
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyrbhWVAWNyZ8J8HsKx--hTNcpW4sw5OExRYJJ_IKCsYgVRelvHFtNXMrXAdR04-TrVoAUBctjmaJGNyO5EHvxbVcBxb62nT5rySERi_YLPE0TGdUnZAVy_pp2QSYiXbK5hx0tnwMA3nJyu17xuxHaieya7ejdVVPqrzT9jvaUlNtmMUzJG_q-N-wfx4rzWSj0OmcvtR43-zjXw3MjT--2bgXU3nllqAJtppelBGAuLwlxret_CsZ2wneqgEtWCnfKSWkg9Sb4WegwYRkj6JH-qXzKXTAEANQ-SNonSe1gVxBIOswcQMvhFRAyn86UyAEaJvoWGqA-r1s&sig=Cg0ArKJSzA7WpJod8Y5REAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: D7748831915381289B58328E719E8867
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html
Frame ID: 99EC52501A9ED7A49544CB18E65BD761
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AD18C67F9D446974A7B868230C49398A
Requests: 2 HTTP requests in this frame

Frame: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
Frame ID: 800CB35A7DE73981244A71DA3545B427
Requests: 7 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 27C018704220DC569155A66B025937E7
Requests: 1 HTTP requests in this frame

Frame: https://cm.lentainform.com/i-noref.js?cbuster=1637737963529734267301
Frame ID: 994D2CB90443808C85DCCAD20F1442C9
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=36039&b=YxqtrfzXW2uQKWtVH8t3HQt1e2TAT1TXqar&f=q4gUmfBZkzcYdWCZHRt1HRCMwJhPTgTY6H3&c=320&d=50&e=uuDJJRW3uGJghM4j_rnFbM_JnYRY0iIq&g=7c4a186ef481d7fb776330e490485e59%2F132080034052833088&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637737963611&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516442%3Bcrtbwp%3DYZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw%3Bcrtbdata%3DqOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0%3Badfibeg%3D0%3Bcdata%3DF6HbVtpmvjJtA9kXLTCI5mpSJRxeeJAWofnePrdCD_i55sb3ewVjNoXDEbzWWblEoLw8-A_KJy57bdp-DsExYsX4De8FoXoTV-xGKFmUIVF4krubqxgpJGoGoEi3wyPdiehMxJm-RtfJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.zahav.ru%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: BD2EF5437972F587FBBA31FF318BECDE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0B05C8FFE681B237779F82DE6968A47A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69A22F4393376D915F26593A5F8233D8
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0E5F6941A92757AD1716E4F653643D4A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D7C555089D118EBF1804FA4906868C86
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 1B7837D9643BF9AA74EF5B6CBC1D34C5
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=35
Frame ID: 6925DAF0F9787F9A4F15419AC5BA355F
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=40
Frame ID: 3C24126B88555D515766FBCD373DCEFF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 474C6988D993BB32AB468885D3F7F9D4
Requests: 10 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=36
Frame ID: D07329690A7676EEF016149F3F0AEFC5
Requests: 1 HTTP requests in this frame

Frame: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=38
Frame ID: 19409531AFCDBFEE41FF886EDF43F0CD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://zahav.ru/ HTTP 301
https://www.zahav.ru/ Page URL

Page Statistics

356
Requests

98 %
HTTPS

34 %
IPv6

51
Domains

94
Subdomains

71
IPs

12
Countries

4911 kB
Transfer

10362 kB
Size

37
Cookies

140 Outgoing links

These are links going to different origins than the main page.

URL: https://laps.zahav.ru/
Title: Анекдоты

Search URL Search Domain Scan URL

URL: https://weather.zahav.ru/
Title: Погода

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/
Title: Мнения

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/
Title: Салат

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/
Title: Туризм

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/
Title: Автомир

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/
Title: Карман

Search URL Search Domain Scan URL

URL: https://links.zahav.ru/
Title: Полезные ссылки

Search URL Search Domain Scan URL

URL: http://www.newsru.co.il/
Title: NEWSru

Search URL Search Domain Scan URL

URL: https://detaly.co.il/
Title: Детали

Search URL Search Domain Scan URL

URL: https://mignews.com/news/lenta/all/24?PHPSESSID=3acf62e227aa5b763e32e8be862234f5
Title: MIGnews

Search URL Search Domain Scan URL

URL: https://9tv.co.il/
Title: 9tv

Search URL Search Domain Scan URL

URL: https://cursorinfo.co.il/
Title: Курсор

Search URL Search Domain Scan URL

URL: https://nep.detaly.co.il/
Title: НЭП

Search URL Search Domain Scan URL

URL: https://www.bbc.com/russian
Title: BBC News | Русский

Search URL Search Domain Scan URL

URL: https://smi.zahav.ru/
Title: СМИ на русском

Search URL Search Domain Scan URL

URL: https://date.zahav.ru/?tid=502
Title: Знакомства

Search URL Search Domain Scan URL

URL: https://doska.zahav.ru/
Title: Объявления

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Articles/3472974/%D1%82%D1%80%D0%B8_%D0%BE%D0%B1%D0%B5%D1%89%D0%B0%D0%BD%D0%B8%D1%8F_%D0%B2%D0%BB%D0%B0%D0%B4%D0%B8%D0%BC%D0%B8%D1%80%D0%B0_%D0%BF%D1%83%D1%82%D0%B8%D0%BD%D0%B0
Title: Три обещания Владимира ПутинаПрезидент России встретился в Сочи с палестинским лидером Махмудом Аббасом - первый раз после начала эпидемии коронавируса.

Search URL Search Domain Scan URL

URL: https://mignews.com/news/analitic/stena-razdora.html
Title: Стена раздораНаши политики не знают, сколько времени у них осталось, и стараются провести как можно больше новых законов и радикальных перемен.

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3473006/%D1%8D%D1%82%D0%B8_%D0%BE%D0%B2%D0%BE%D1%89%D0%B8_%D0%BF%D0%BE%D0%B7%D0%B2%D0%BE%D0%BB%D1%8F%D1%82_%D0%BF%D1%80%D0%B8%D0%B4%D0%B0%D1%82%D1%8C_%D1%80%D0%B0%D0%B9%D1%81%D0%BA%D0%B8%D0%B9_%D0%B2%D0%BA%D1%83%D1%81_%D0%B4%D0%B0%D0%B6%D0%B5_%D0%B1%D1%83%D1%82%D0%B5%D1%80%D0%B1%D1%80%D0%BE%D0%B4%D1%83
Title: Эти овощи позволят придать райский вкус даже бутербродуСамый красивый овощ в мире невероятно дешев - и может придать райский вкус даже самому скучному бутерброду.

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Articles/3472749/%D0%BA%D0%B0%D0%BA%D0%B8%D0%B5_%D0%B2%D1%8B%D0%BF%D0%BB%D0%B0%D1%82%D1%8B_%D0%BC%D0%BE%D0%B6%D0%B5%D1%82_%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D1%82%D1%8C_%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D0%BE%D0%B9_%D1%81%D0%B8%D1%83%D0%B4%D0%B8_%D0%BE%D1%82_%D0%BA%D1%83%D0%BF%D0%B0%D1%82_%D1%85%D0%BE%D0%BB%D0%B8%D0%BC
Title: Какие выплаты может получить больной "сиуди"У Тамары есть страховка по долгосрочному уходу "Битуах сиуди". Но она об этом не знала! И не знала, что имеет право на получение 4500 шек в месяц.в сотрудничестве с адв. Меирой Зоар

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/3472033/%D0%BE%D0%B4%D0%BD%D0%B8%D0%BC_%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE_%D0%B0_%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D0%BC_%D0%BD%D0%B5%D0%BB%D1%8C%D0%B7%D1%8F_%D0%B3%D0%B5%D0%BD%D0%B4%D0%B5%D1%80%D0%BD%D1%8B%D0%B5_%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%82%D1%8B_%D0%B2_%D1%80%D0%B0%D0%B7%D0%BD%D1%8B%D1%85_%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%B0%D1%85
Title: Одним можно, а другим нельзя: гендерные запреты в разных странахЧто запрещено мужчинам в мадридских автобусах, как в Туркменистане женщине купить сигареты и почему в Ирландии 28 февраля пустынно?

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Articles/3472811/kia_hyundai_subaru_%D0%B8_%D0%B4%D1%80%D1%83%D0%B3%D0%B8%D0%B5_%D0%B3%D0%BB%D0%B0%D0%B2%D0%BD%D1%8B%D0%B5_%D0%BF%D1%80%D0%B5%D0%BC%D1%8C%D0%B5%D1%80%D1%8B_%D0%BC%D0%BE%D1%82%D0%BE%D1%80%D1%88%D0%BE%D1%83_%D0%B2_%D0%BB%D0%BE%D1%81%D0%B0%D0%BD%D0%B4%D0%B6%D0%B5%D0%BB%D0%B5%D1%81%D0%B5
Title: Kia, Hyundai, Subaru и другие. Главные премьеры в Лос-АнджелесеПредвестники флагманов Hyundai и Kia, новый массовый кроссовер Subaru, очень быcтрые Porsche и другие премьеры автосалона в Лос-Анджелесе.

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3472998/%D1%85%D0%B5%D0%BB%D0%B5%D0%BD_%D0%BC%D0%B8%D1%80%D1%80%D0%B5%D0%BD_%D0%BF%D0%BE%D0%B4%D0%B2%D0%B5%D1%80%D0%B3%D0%BB%D0%B0%D1%81%D1%8C_%D0%BD%D0%B0%D0%BF%D0%B0%D0%B4%D0%BA%D0%B0%D0%BC_%D0%B7%D0%B0_%D1%82%D0%BE_%D1%87%D1%82%D0%BE_%D0%BE%D0%BD%D0%B0_%D0%B8%D0%B3%D1%80%D0%B0%D0%B5%D1%82_%D1%80%D0%BE%D0%BB%D1%8C_%D0%B3%D0%BE%D0%BB%D0%B4%D1%8B_%D0%BC%D0%B5%D0%B8%D1%80
Title: Хелен Миррен подверглась нападкам за то, что она играет Голду Меир76-летняя актриса подверглась нападкам в социальных сетях. "Уродливые сионисты, а Хелен Миррен должна потерять из-за этого свое звание Дамы".

Search URL Search Domain Scan URL

URL: https://www.newsru.co.il/
Title: NEWSru Israel

Search URL Search Domain Scan URL

URL: https://newsru.co.il/israel/24nov2021/binyamin_702.html
Title: В округе Биньямин вновь разрушен форпост

Search URL Search Domain Scan URL

URL: https://newsru.co.il/israel/24nov2021/ka_104.html
Title: "Привет от Ахувии": в Кирьят-Арбе сгорел полицейский автомобиль

Search URL Search Domain Scan URL

URL: https://newsru.co.il/health/24nov2021/covid_d_103.html
Title: Смертность от коронавируса в мире: за неделю объявлено о 54 тыс. умерших от COVID-19, в Израиле умерли 29 больных

Search URL Search Domain Scan URL

URL: https://newsru.co.il/israel/24nov2021/meridor_701.html
Title: Саар вводит Дана Меридора в комиссию по отбору кандидатов на должность юридического советника правительства

Search URL Search Domain Scan URL

URL: https://detaly.co.il/sereznoe-preduprezhdenie-tsahalu-nado-menyatsya/
Title: Серьезное предупреждение ЦАХАЛу: надо меняться

Search URL Search Domain Scan URL

URL: https://detaly.co.il/liberman-sbit-s-tolku-on-dumaet-chto-on-ministr-oborony/
Title: Либерман перепутал, он думает, что он министр обороны

Search URL Search Domain Scan URL

URL: https://detaly.co.il/tretij-ne-lishnij-v-kakom-sluchae-pare-stoit-vmeste-pojti-k-psihologu/
Title: Третий не лишний: в каком случае паре стоит вместе пойти к психологу

Search URL Search Domain Scan URL

URL: https://detaly.co.il/sud-nad-netaniyagu-master-manipulyatsii-ego-potopit/
Title: Суд над Нетаниягу: мастер манипуляции его потопит

Search URL Search Domain Scan URL

URL: https://detaly.co.il/v-kiryat-arbe-sozhgli-politsejskij-avtomobil-i-ostavili-podpis/
Title: В Кирьят-Арбе сожгли полицейский автомобиль. Надпись была начертана на стене

Search URL Search Domain Scan URL

URL: https://detaly.co.il/grazhdan-prosyat-zabrat-uteryannye-v-knessete-veshhi/
Title: Граждан просят забрать утерянные в кнессете вещи

Search URL Search Domain Scan URL

URL: https://detaly.co.il/i-tyurma-ne-pomeha-dvoe-zaklyuchennyh-vymanivali-dengi-u-izrailtyan-po-telefonu/
Title: И тюрьма не помеха. Двое заключенных выманивали деньги у израильтян по телефону

Search URL Search Domain Scan URL

URL: https://detaly.co.il/v-detskih-sadah-budut-uchit-gendernomu-ravenstvu/
Title: В детских садах будут учить гендерному равенству

Search URL Search Domain Scan URL

URL: https://detaly.co.il/vremennyj-poverennyj-v-delah-izrailya-v-polshe-vernetsya-v-varshavu-konets-krizisa/
Title: Временный поверенный в делах Израиля в Польше вернется в Варшаву. Конец кризиса?

Search URL Search Domain Scan URL

URL: https://detaly.co.il/pogoda-v-izraile-bez-sushhestvennyh-izmenenij-temperatury-4/
Title: Погода в Израиле: без существенных изменений температуры

Search URL Search Domain Scan URL

URL: https://www.mignews.com/
Title: MIGnews.com

Search URL Search Domain Scan URL

URL: https://mignews.com/news/disasters/sirijskaya-raketa-vzorvalas-u-poberezhya-hajfy.html
Title: Сирийская ракета взорвалась у побережья Хайфы

Search URL Search Domain Scan URL

URL: https://mignews.com/news/lifestyle/arkadij-duhin-pereehal-zhit-v-otel.html
Title: Аркадий Духин переехал жить в отель

Search URL Search Domain Scan URL

URL: https://mignews.com/news/politic/nir-barkat-sleduyushej-vojnoj-budet-pervaya-vojna-s-iranom.html
Title: Нир Баркат: "Следующей войной на севере будет Первая война с Ираном"

Search URL Search Domain Scan URL

URL: https://mignews.com/news/politic/omer-bar-lev-my-pozhertvovali-bezopasnostyu-zhenshin-radi-instituta-semi.html
Title: Омер Бар-Лев: мы пожертвовали безопасностью женщин ради института семьи

Search URL Search Domain Scan URL

URL: http://www.9tv.co.il/item/36692
Title: Что это было? Хомс: Израиль ночью высветил свое отношение к возможной сделке США и Ирана

Search URL Search Domain Scan URL

URL: http://www.9tv.co.il/item/36693
Title: В Германии богослов прививал людей, притворившись врачом

Search URL Search Domain Scan URL

URL: http://www.9tv.co.il/item/36691
Title: Прогноз погоды в Израиле: сухо, не жарко и комфортно

Search URL Search Domain Scan URL

URL: http://www.9tv.co.il/item/36689
Title: Коронавирус в Израиле: число зараженных резко подскочило, правительство продлило ограничения

Search URL Search Domain Scan URL

URL: https://cursorinfo.co.il/politics/mahmud-abbas-vstretilsya-s/
Title: Махмуд Аббас встретился с Путиным в Сочи

Search URL Search Domain Scan URL

URL: https://cursorinfo.co.il/coronavirus/opros-44-protsenta-roditelej-gotovy-vaktsinirovat-svoih-detej/
Title: Опрос: 44 процента родителей готовы вакцинировать своих детей

Search URL Search Domain Scan URL

URL: https://cursorinfo.co.il/coronavirus/tela-semi-evreev-umershih-ot-covid-19-otpravleny-v-izrail-iz-marokko-dlya-perezahoroneniya/
Title: Тела семи евреев, умерших от COVID-19, отправлены в Израиль из Марокко для перезахоронения

Search URL Search Domain Scan URL

URL: https://cursorinfo.co.il/politics/izrail-otpravil-svoego-posla-v-polshu-na-fone-snizheniya-napryazhennosti/
Title: Израиль отправил своего посла в Польшу на фоне снижения напряженности

Search URL Search Domain Scan URL

URL: https://nep.co.il/
Title: НЭП

Search URL Search Domain Scan URL

URL: https://nep.detaly.co.il/liberman-pereputal-on-dumaet-chto-on-ministr-oborony/
Title: Либерман перепутал, он думает, что он министр обороны

Search URL Search Domain Scan URL

URL: https://nep.detaly.co.il/v-turtsii-nachalis-volneniya-na-fone-obvala-liry/
Title: В Турции начались волнения на фоне обвала лиры

Search URL Search Domain Scan URL

URL: https://nep.detaly.co.il/zabolevaemost-i-smertnost-ot-koronavirusa-v-mire-vnov-rastut/
Title: Заболеваемость и смертность от коронавируса в мире вновь растут

Search URL Search Domain Scan URL

URL: https://nep.detaly.co.il/frantsuzskaya-aviakompaniya-otkladyvaet-vyhod-na-izrailskij-rynok/
Title: Французская авиакомпания-бутик откладывает выход на израильский рынок

Search URL Search Domain Scan URL

URL: https://www.bbc.com/russian/news-59398231?xtor=AL-73-%5Bpartner%5D-%5Bzahav.ru%5D-%5Bheadline%5D-%5Brussian%5D-%5Bbizdev%5D-%5Bisapi%5D
Title: Дайджест: Apple подала в суд из-за слежки за айфонами; журналисты узнали о последних днях Эпштейна

Search URL Search Domain Scan URL

URL: https://www.bbc.com/russian/news-59389803?xtor=AL-73-%5Bpartner%5D-%5Bzahav.ru%5D-%5Bheadline%5D-%5Brussian%5D-%5Bbizdev%5D-%5Bisapi%5D
Title: Адвокат Смирнов и активистка Фатьянова покинули Россию вслед за коллегами

Search URL Search Domain Scan URL

URL: https://www.bbc.com/russian/news-59395414?xtor=AL-73-%5Bpartner%5D-%5Bzahav.ru%5D-%5Bheadline%5D-%5Brussian%5D-%5Bbizdev%5D-%5Bisapi%5D
Title: Трагедия в Висконсине: среди погибших - три “танцующих бабушки”

Search URL Search Domain Scan URL

URL: https://www.bbc.com/russian/features-59382276?xtor=AL-73-%5Bpartner%5D-%5Bzahav.ru%5D-%5Bheadline%5D-%5Brussian%5D-%5Bbizdev%5D-%5Bisapi%5D
Title: Рухнувшая экономика и повальный голод: Афганистан на грани катастрофы

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/ru

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/3406331/%D1%81%D0%B0%D0%BC%D1%8B%D0%B9_%D0%B1%D0%BE%D0%BB%D1%8C%D1%88%D0%BE%D0%B9_%D0%B1%D0%BE%D1%80%D0%B4%D0%B5%D0%BB%D1%8C_%D0%B2_%D0%BC%D0%B8%D1%80%D0%B5_%D0%B8%D0%B7%D1%80%D0%B0%D0%B8%D0%BB%D1%8C%D1%82%D1%8F%D0%BD%D0%B5_%D0%B8_%D0%B4%D1%83%D0%B1%D0%B0%D0%B9?obOrigUrl=true
Title: Самый большой бордель в мире: израильтяне и Дубай zahav.ru

Search URL Search Domain Scan URL

URL: https://loanpride.com/der-unglaubliche-reichtum-der-beruhmtesten-leute-da-drausen-outbrain/?utm_source=outbrain&utm_campaign=007bcbd87ad87318f0a11be78d9342bea4&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+So+viel+Geld+bringt+Marietta+Slomka+mit+nach+Hause&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] So viel Geld bringt Marietta Slomka mit nach Hause Loan Pride | ממומן

Search URL Search Domain Scan URL

URL: https://www.hausfrage.de/artikel/anreiz-fuer-solaranlagen?utm_source=outbrain&utm_medium=referral&utm_campaign=00dbf3d3f327d87ab12f2eb194a7292d0a&utm_content=Solaranlagen%3A+Staat+gibt+aktuell+unfassbaren+Anreiz&utm_placement=$section_name$&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Solaranlagen: Staat gibt aktuell unfassbaren Anreiz Hausfrage.de | ממומן

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/3472320/%D0%B2_%D0%B0%D0%BC%D1%81%D1%82%D0%B5%D1%80%D0%B4%D0%B0%D0%BC%D0%B5_%D0%BD%D0%B5_%D0%B1%D1%83%D0%B4%D1%83%D1%82_%D0%BE%D1%82%D0%BC%D0%B5%D1%87%D0%B0%D1%82%D1%8C_%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9_%D0%B3%D0%BE%D0%B4?obOrigUrl=true
Title: В Амстердаме не будут отмечать Новый год zahav.ru

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Categories/1/Page/1/
Title: Конфликт

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Categories/2/Page/1/
Title: Политика

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Categories/3/Page/1/
Title: Общество

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Categories/4/Page/1/
Title: Экономика

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Categories/5/Page/1/
Title: Культура

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Articles/3472721/%D0%B5%D0%B2%D1%80%D0%B5%D0%B9%D1%81%D0%BA%D0%B8%D0%BC_%D0%BB%D0%B8%D0%B4%D0%B5%D1%80%D0%B0%D0%BC_%D1%82%D1%80%D0%B5%D0%B2%D0%BE%D0%B6%D0%BD%D0%BE_%D0%B2_%D0%B5%D0%B2%D1%80%D0%BE%D0%BF%D0%B5
Title: Еврейским лидерам тревожно в Европе

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Articles/3472720/%D1%81%D0%B0%D0%BC%D1%86%D1%8B_%E2%80%94_%D1%8D%D1%82%D0%BE_%D0%BE%D1%88%D0%B8%D0%B1%D0%BA%D0%B0_%D0%BF%D1%80%D0%B8%D1%80%D0%BE%D0%B4%D1%8B
Title: "Самцы — это ошибка природы"

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Articles/3472653/%D0%B9%D0%B5%D0%BC%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B5_%D0%BC%D1%8F%D1%82%D0%B5%D0%B6%D0%BD%D0%B8%D0%BA%D0%B8_%D0%B7%D0%B0%D1%81%D1%82%D0%B8%D0%B3%D0%BB%D0%B8_%D1%8D%D1%80%D1%80%D0%B8%D1%8F%D0%B4_%D0%B2%D1%80%D0%B0%D1%81%D0%BF%D0%BB%D0%BE%D1%85
Title: Йеменские мятежники застигли Эр-Рияд врасплох

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Articles/3472676/%D1%84%D0%BE%D1%82%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D0%B8%D1%8F_%D1%81_%D0%BA%D0%BE%D0%BC%D0%B0%D0%BD%D0%B4%D0%B8%D1%80%D0%B0%D0%BC%D0%B8_%D0%BE%D0%BA%D0%BA%D1%83%D0%BF%D0%B0%D1%86%D0%B8%D0%BE%D0%BD%D0%BD%D0%BE%D0%B9_%D0%B0%D1%80%D0%BC%D0%B8%D0%B8
Title: Египет хочет ублажить США и запугать Иран - за счет Израиля

Search URL Search Domain Scan URL

URL: https://financeblvd.com/trending/sahra-wagenknecht-house-ob?utm_source=outbrain&utm_campaign=00ac16248b0657962c560e7f4491e9663c&utm_medium=$section_name$__$section_id$&utm_term=%5BBilder%5D+Sahra+Wagenknecht+lebt+mit+ihrem+Partner+in+diesem+wundersch%C3%B6&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Bilder] Sahra Wagenknecht lebt mit ihrem Partner in diesem wunderschönen Haus Finance Blvd | ממומן

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3469421/%D1%83%D0%BC%D0%B5%D1%80%D0%BB%D0%B0_%D0%B1%D0%BE%D0%B3%D0%B8%D0%BD%D1%8F_%D1%81_%D0%BB%D0%B8%D1%86%D0%BE%D0%BC_%D0%B0%D0%BD%D0%B3%D0%B5%D0%BB%D0%B0_%D0%BA%D0%B0%D0%BA%D0%BE%D0%B9_%D0%B1%D1%8B%D0%BB%D0%B0_%D0%BB%D1%8E%D0%B1%D0%BE%D0%B2%D0%BD%D0%B8%D1%86%D0%B0_%D0%BC%D0%B8%D1%80%D0%BE%D0%BD%D0%BE%D0%B2%D0%B0_%D0%B8_%D0%BA%D0%BE%D0%B1%D0%B7%D0%BE%D0%BD%D0%B0?obOrigUrl=true
Title: Умерла "богиня с лицом ангела": какой была любовница Миронова и Кобзона zahav.ru

Search URL Search Domain Scan URL

URL: https://goo16.com/click.php?key=wffwwc9ijqda9hsgra7z&ob_click_id=$ob_click_id$&trafficsource=0094959b6523c364ad8275109f7e00aa47&clickcost=$cpc$&trafficsource_name=$section_name$&siteid=$section_id$&campaign_name=ED_AMS_DE_Desktop_Young_Semi&obOrigUrl=true
Title: Die blaue Pille zu bekommen kann einfacher sein als Sie denken ( finden Sie heraus wie ) Apomeds.com | ממומן

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Categories/1/Page/1/
Title: Celebrities-новости

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Categories/2/Page/1/
Title: Fashion-новости

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Categories/3/Page/1/
Title: Health-новости

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Categories/4/Page/1/
Title: Life-новости

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Categories/5/Page/1/
Title: Provocative-новости

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3472997/%D1%81%D0%B2%D0%B5%D1%82%D0%BB%D0%B0%D0%BD%D0%B0_%D1%81%D0%B2%D0%B5%D1%82%D0%BB%D0%B8%D1%87%D0%BD%D0%B0%D1%8F_%D0%BF%D0%BE%D0%BF%D0%B0%D0%BB%D0%B0_%D0%B2_%D1%80%D0%B5%D0%B0%D0%BD%D0%B8%D0%BC%D0%B0%D1%86%D0%B8%D1%8E
Title: Светлана Светличная попала в реанимацию

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3472758/%D0%B2%D1%81%D0%B5%D0%B3%D0%BE_%D0%BE%D0%B4%D0%BD%D0%B0_%D1%87%D0%B0%D0%B9%D0%BD%D0%B0%D1%8F_%D0%BB%D0%BE%D0%B6%D0%BA%D0%B0_%D1%8D%D1%82%D0%BE%D0%B3%D0%BE_%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82%D0%B0_%D0%B2_%D0%B4%D0%B5%D0%BD%D1%8C_%D0%BF%D0%BE%D0%BD%D0%B8%D0%B7%D0%B8%D1%82_%D1%83%D1%80%D0%BE%D0%B2%D0%B5%D0%BD%D1%8C_%D1%85%D0%BE%D0%BB%D0%B5%D1%81%D1%82%D0%B5%D1%80%D0%B8%D0%BD%D0%B0_%D0%BD%D0%B0_10
Title: Всего одна чайная ложка этого продукта в день понизит уровень холестерина

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3472864/%D0%BF%D1%80%D0%BE%D0%B3%D0%BD%D0%BE%D0%B7%D1%8B_%D0%BF%D0%BB%D0%BE%D1%85%D0%B8%D0%B5_%D0%B0%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80_%D0%B2%D0%B0%D1%81%D0%B8%D0%BB%D1%8C%D0%B5%D0%B2_%D1%81%D0%B4%D0%B5%D0%BB%D0%B0%D0%BB_%D1%81%D1%80%D0%B0%D0%B7%D1%83_%D1%87%D0%B5%D1%82%D1%8B%D1%80%D0%B5_%D0%BF%D1%80%D0%B8%D0%B2%D0%B8%D0%B2%D0%BA%D0%B8_%D0%BE%D1%82_%D0%BA%D0%BE%D0%B2%D0%B8%D0%B4%D0%B0
Title: "Прогнозы плохие": Александр Васильев сделал сразу четыре прививки от ковида

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3472809/%D0%BC%D0%B0%D1%80%D0%B0%D0%B4%D0%BE%D0%BD%D1%83_%D0%BF%D0%BE%D1%85%D0%BE%D1%80%D0%BE%D0%BD%D0%B8%D0%BB%D0%B8_%D0%B1%D0%B5%D0%B7_%D1%81%D0%B5%D1%80%D0%B4%D1%86%D0%B0
Title: Марадону похоронили без сердца

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Categories/1/Page/1/
Title: Израиль

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Categories/8/Page/1/
Title: Европа

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Categories/12879/Page/1/
Title: Мир

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/List/Page/1
Title: Все публикации

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/3472320/%D0%B2_%D0%B0%D0%BC%D1%81%D1%82%D0%B5%D1%80%D0%B4%D0%B0%D0%BC%D0%B5_%D0%BD%D0%B5_%D0%B1%D1%83%D0%B4%D1%83%D1%82_%D0%BE%D1%82%D0%BC%D0%B5%D1%87%D0%B0%D1%82%D1%8C_%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9_%D0%B3%D0%BE%D0%B4
Title: В Амстердаме не будут отмечать Новый год

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/3472557/%D0%B3%D0%B8%D0%BB%D0%B0%D0%B4%D0%B8_%D0%B3%D0%B4%D0%B5_%D1%85%D0%BE%D1%80%D0%BE%D1%88%D0%BE_%D0%B8_%D0%B2%D0%B7%D1%80%D0%BE%D1%81%D0%BB%D1%8B%D0%BC_%D0%B8_%D0%B4%D0%B5%D1%82%D1%8F%D0%BC
Title: "Гилади", где хорошо и взрослым, и детям

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/3472563/%D0%B2_%D1%80%D0%B8%D0%BC%D0%B5_%D1%82%D1%83%D1%80%D0%B8%D1%81%D1%82%D0%BE%D0%B2_%D0%BE%D1%88%D1%82%D1%80%D0%B0%D1%84%D0%BE%D0%B2%D0%B0%D0%BB%D0%B8_%D0%BD%D0%B0_800_%D0%B5%D0%B2%D1%80%D0%BE
Title: В Риме туристов оштрафовали на 800 евро

Search URL Search Domain Scan URL

URL: https://tourism.zahav.ru/Articles/3471964/%D0%BF%D1%83%D1%82%D0%B5%D1%88%D0%B5%D1%81%D1%82%D0%B2%D1%83%D0%B5%D0%BC_%D0%BF%D0%BE_%D0%BF%D0%BE%D0%BB%D1%8C%D1%88%D0%B5_5_%D0%BC%D0%B5%D1%81%D1%82_%D0%BA%D1%83%D0%B4%D0%B0_%D0%BC%D0%BE%D0%B6%D0%BD%D0%BE_%D1%80%D0%B2%D0%B0%D0%BD%D1%83%D1%82%D1%8C_%D0%B8%D0%B7_%D0%B2%D1%80%D0%BE%D1%86%D0%BB%D0%B0%D0%B2%D0%B0_%D0%BD%D0%B0_%D0%BE%D0%B4%D0%B8%D0%BD_%D0%B4%D0%B5%D0%BD%D1%8C
Title: Путешествуем по Польше: 5 мест, куда можно рвануть из Вроцлава на один день

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Categories/255/Page/1/
Title: Водитель

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Categories/256/Page/1/
Title: Машина

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Categories/257/Page/1/
Title: Дорога

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Articles/List/Page/1
Title: Все публикации

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Articles/3472802/%D1%81%D0%B5%D1%80%D0%B8%D0%B9%D0%BD%D1%8B%D0%B9_%D0%BA%D1%80%D0%BE%D1%81%D1%81%D0%BE%D0%B2%D0%B5%D1%80_mitsubishi_airtrek_%D1%82%D0%B5%D1%85%D0%BD%D0%B8%D0%BA%D0%B0_%D0%BE%D1%82_%D0%BA%D0%B8%D1%82%D0%B0%D0%B9%D1%81%D0%BA%D0%BE%D0%B3%D0%BE_%D0%B4%D0%BE%D0%BD%D0%BE%D1%80%D0%B0
Title: Кроссовер Mitsubishi Airtrek: техника от китайского донора

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Articles/3472308/%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B_%D0%B3%D0%B4%D0%B5_%D0%BD%D0%B0%D0%BA%D0%B0%D0%B7%D0%B0%D0%BD%D0%B8%D0%B5_%D0%B7%D0%B0_%D0%BF%D1%80%D0%B5%D0%B2%D1%8B%D1%88%D0%B5%D0%BD%D0%B8%D0%B5_%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8_%D0%BE%D1%87%D0%B5%D0%BD%D1%8C_%D0%B6%D0%B5%D1%81%D1%82%D0%BE%D0%BA%D0%BE
Title: Страны, где наказание за превышение скорости очень жестоко

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Articles/3472570/%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9_%D1%80%D0%B5%D0%B9%D1%82%D0%B8%D0%BD%D0%B3_%D0%BD%D0%B0%D0%B4%D0%B5%D0%B6%D0%BD%D1%8B%D1%85_%D0%B8_%D0%BD%D0%B5_%D0%BE%D1%87%D0%B5%D0%BD%D1%8C_%D0%B0%D0%B2%D1%82%D0%BE%D0%BC%D0%BE%D0%B1%D0%B8%D0%BB%D0%B5%D0%B9
Title: Новый рейтинг надежных и не очень автомобилей

Search URL Search Domain Scan URL

URL: https://avtomir.zahav.ru/Articles/3472229/8_%D1%81%D1%82%D1%80%D0%B0%D0%BD%D0%BD%D1%8B%D1%85_%D0%BD%D0%BE_%D0%BF%D0%B5%D1%80%D1%81%D0%BF%D0%B5%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D1%8B%D1%85_%D0%B8%D0%BD%D0%BD%D0%BE%D0%B2%D0%B0%D1%86%D0%B8%D0%B9_%D0%B2_%D1%81%D1%84%D0%B5%D1%80%D0%B5_%D1%81%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D1%81%D1%82%D0%B2%D0%B0_%D0%B4%D0%BE%D1%80%D0%BE%D0%B3
Title: 8 странных, но перспективных инноваций в сфере строительства дорог

Search URL Search Domain Scan URL

URL: https://weather.zahav.ru/israel/
Title: Израиль

Search URL Search Domain Scan URL

URL: https://weather.zahav.ru/russia/
Title: Россия

Search URL Search Domain Scan URL

URL: https://weather.zahav.ru/ukraine/
Title: Украина

Search URL Search Domain Scan URL

URL: https://weather.zahav.ru/germany/
Title: Германия

Search URL Search Domain Scan URL

URL: https://weather.zahav.ru/united_states/
Title: США

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Categories/2/Page/1/
Title: Товары и услуги

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Categories/7/Page/1/
Title: Стиль

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Categories/8/Page/1/
Title: Красота и здоровье

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Categories/9/Page/1/
Title: Рестораны

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Categories/14/Page/1/
Title: Питание

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Articles/3472746/black_friday_%D0%B2_sebocalm_%D0%B2%D0%BE%D0%BF%D0%B5%D1%80%D0%B2%D1%8B%D1%85_%D1%8D%D1%82%D0%BE_%D0%BA%D1%80%D0%B0%D1%81%D0%B8%D0%B2%D0%BE
Title: Black Friday в SeboCalm: во-первых, это красиво...

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Articles/3472429/%D0%BA%D1%82%D0%BE%D1%82%D0%BE_%D0%B7%D0%B0_%D0%B3%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B5%D0%B9_%D0%B1%D1%83%D0%B4%D0%B5%D1%82_%D0%B3%D0%BE%D0%B2%D0%BE%D1%80%D0%B8%D1%82%D1%8C_%D0%B2%D0%B0%D0%BC_%D1%81%D0%BF%D0%B0%D1%81%D0%B8%D0%B1%D0%BE_%D0%BA%D1%80%D1%83%D0%B3%D0%BB%D1%8B%D0%B9_%D0%B3%D0%BE%D0%B4
Title: Кто-то за границей будет говорить вам спасибо круглый год!

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Articles/3472449/black_friday_%E2%80%93_%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9_%D0%BA%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9_%D0%B4%D0%B5%D0%BD%D1%8C_%D0%BA%D0%B0%D0%BB%D0%B5%D0%BD%D0%B4%D0%B0%D1%80%D1%8F
Title: Black Friday – новый красный день календаря

Search URL Search Domain Scan URL

URL: https://karman.zahav.ru/Articles/3472501/%D1%87%D0%B5%D1%80%D0%BD%D1%8B%D0%B5_%D0%BD%D0%B0%D1%87%D0%B8%D0%BD%D0%B0%D1%8E%D1%82_%D0%B8_%D0%B2%D1%8B%D0%B8%D0%B3%D1%80%D1%8B%D0%B2%D0%B0%D1%8E%D1%82_black_collection_%D0%BE%D1%82_%C2%AB%D0%B4%D1%80%D0%B0%D0%B3%D0%BE%D1%86%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D0%B8_berkowitz%C2%BB_%D0%BF%D0%BE_%D0%BE%D1%81%D0%BE%D0%B1%D1%8B%D0%BC_%D1%86%D0%B5%D0%BD%D0%B0%D0%BC
Title: Черные начинают и выигрывают: Black Collection от «Драгоценности Berkowitz» по особым ценам

Search URL Search Domain Scan URL

URL: https://date.zahav.ru/?tid=441
Title: Поиск

Search URL Search Domain Scan URL

URL: https://date.zahav.ru/likeornot
Title: Симпатии

Search URL Search Domain Scan URL

URL: https://date.zahav.ru/success
Title: Успешные знакомства

Search URL Search Domain Scan URL

URL: https://date.zahav.ru/polls_list
Title: Опросы

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3415510/%D1%82%D0%B0%D0%BC%D0%B0%D1%80%D0%B0_%D0%B3%D0%BB%D0%BE%D0%B1%D0%B0_%D1%80%D0%B0%D1%81%D1%81%D0%BA%D0%B0%D0%B7%D0%B0%D0%BB%D0%B0_%D0%BE_%D1%81%D1%80%D0%BE%D0%BA%D0%B0%D1%85_%D0%BF%D0%B0%D0%BD%D0%B4%D0%B5%D0%BC%D0%B8%D0%B8_%D0%B8_%D0%B0%D1%82%D0%BC%D0%BE%D1%81%D1%84%D0%B5%D1%80%D0%B5_%D0%BD%D0%B0_%D0%B4%D0%B0%D0%B2%D0%B0%D0%B9_%D0%BF%D0%BE%D0%B6%D0%B5%D0%BD%D0%B8%D0%BC%D1%81%D1%8F?obOrigUrl=true
Title: Тамара Глоба рассказала о сроках пандемии и атмосфере на "Давай поженимся!" zahav.ru

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3453375/%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD_%D0%BB%D1%83%D1%87%D1%88%D0%B8%D0%B9_%D0%BF%D1%80%D0%BE%D0%B4%D1%83%D0%BA%D1%82_%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%B9_%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%D1%82_%D0%BF%D1%80%D0%B5%D0%B4%D0%BE%D1%82%D0%B2%D1%80%D0%B0%D1%82%D0%B8%D1%82%D1%8C_%D1%82%D1%80%D0%BE%D0%BC%D0%B1%D0%BE%D0%B7?obOrigUrl=true
Title: Авокадо: главное полезное свойство, о котором вы не знали zahav.ru

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/05b647a3-ac78-48c2-9dbb-31cddb69ab67?utm_source=ob%E2%80%A6&utm_source=ob&utm_campaign=1002_dk&utm_term=$section_name$&utm_content=000d4afa137a625a18a5afad80fb5c896d-Deutscher+Arzt%3A++Wie+Sie+Ihren+Darm+entleeren&t=$ob_click_id$&a=ob&obOrigUrl=true
Title: Deutscher Arzt: Wie Sie Ihren Darm entleeren Nutrivia | ממומן

Search URL Search Domain Scan URL

URL: https://9636fe.nmptrkgqczwgnrb.com/?network=outbrain&site=$publisher_name$_$section_name$&adtitle=Sehen+Sie%2C+was+Zahnimplantate+mit+vollem+Mund+kosten+k%C3%B6nnen&subid1=$time_stamp$&subid2=00d8bd55ca9b09e2d1d39cd7449ed99df1&subid3=$publisher_id$_$section_id$&subid4=Sehen+Sie%2C+was+Zahnimplantate+mit+vollem+Mund+kosten+k%C3%B6nnen&outbrainclickid=$ob_click_id$&dpco=1&obOrigUrl=true
Title: Sehen Sie, was Zahnimplantate mit vollem Mund kosten können Zahnimplantate | Suchanzeigen | ממומן

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3459759/%D0%BA%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9_%D1%84%D1%80%D1%83%D0%BA%D1%82_%D0%BA%D0%BE%D1%82%D0%BE%D1%80%D1%8B%D0%B9_%D0%BF%D0%BE%D0%BC%D0%BE%D0%B3%D0%B0%D0%B5%D1%82_%D0%B7%D0%B0%D1%81%D0%BD%D1%83%D1%82%D1%8C?obOrigUrl=true
Title: Красный фрукт, который помогает заснуть zahav.ru

Search URL Search Domain Scan URL

URL: https://www.postfun.com/life/wenn-du-diese-wanze-siehst/?utm_campaign=az7-d-de-n-0-0-211120-pu-ob-0&utm_source=ob&utm_medium=$section_id$-ob&utm_content=0068812b8ca3880453785c50c72dd07d74&utm_cpc=$cpc$&obOrigUrl=true
Title: [Fotos] Wenn du diese Wanze siehst, hast du ein großes Problem Post Fun | ממומן

Search URL Search Domain Scan URL

URL: https://editorsnation.com/trending/unzertrennlich-diese-promi-paare-sind-glucklich-zusammen-outbrain?utm_source=outbrain&utm_campaign=0071ec90c6590add7de62cdd17b1b0cd20&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Halt+dich+fest+bevor+du+Stefan+Raab+Frau+jetzt+siehst&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Halt dich fest bevor du Stefan Raab Frau jetzt siehst Editor's Nation | ממומן

Search URL Search Domain Scan URL

URL: https://mnenia.zahav.ru/Articles/3470812/%D0%B4%D0%BE%D1%81%D1%82%D0%BE%D0%B5%D0%B2%D1%81%D0%BA%D0%B8%D0%B9%D0%B5%D0%B2%D1%80%D0%B5%D0%B9?obOrigUrl=true
Title: Достоевский=еврей zahav.ru

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3440765/%D1%8D%D1%82%D0%BE%D1%82_%D0%BF%D1%80%D0%B8%D0%B7%D0%BD%D0%B0%D0%BA_%D0%B4%D0%B5%D0%BC%D0%B5%D0%BD%D1%86%D0%B8%D0%B8_%D0%BF%D0%BE%D1%8F%D0%B2%D0%BB%D1%8F%D0%B5%D1%82%D1%81%D1%8F_%D1%80%D0%B0%D0%BD%D1%8C%D1%88%D0%B5_%D0%B2%D1%81%D0%B5%D0%B3%D0%BE?obOrigUrl=true
Title: Этот признак деменции появляется раньше всего zahav.ru

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3472997/%D1%81%D0%B2%D0%B5%D1%82%D0%BB%D0%B0%D0%BD%D0%B0_%D1%81%D0%B2%D0%B5%D1%82%D0%BB%D0%B8%D1%87%D0%BD%D0%B0%D1%8F_%D0%BF%D0%BE%D0%BF%D0%B0%D0%BB%D0%B0_%D0%B2_%D1%80%D0%B5%D0%B0%D0%BD%D0%B8%D0%BC%D0%B0%D1%86%D0%B8%D1%8E?obOrigUrl=true
Title: Светлана Светличная попала в реанимацию zahav.ru

Search URL Search Domain Scan URL

URL: https://sportpirate.com/trending/was-macht-eigentlich-promis-deren-stories-uns-bewegten-damals-und-heute-ob-michaelschumacher?utm_source=outbrain&utm_campaign=00bc5d65848a018d4c95810de816719e6c&utm_medium=$section_name$__$section_id$&utm_term=%5BBilder%5D+Er+war+eine+Ikone%2C+heute+sieht+Michael+Schumacher+so+aus&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Bilder] Er war eine Ikone, heute sieht Michael Schumacher so aus Sport Pirate | ממומן

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3461920/%D0%BA%D0%B0%D0%BA_%D1%8D%D1%82%D0%BE_%D0%BD%D0%B0%D0%BF%D0%BE%D0%BB%D0%BD%D1%8F%D0%B5%D1%82_%D0%BD%D0%B0%D1%81_%D0%B4%D1%83%D1%85%D0%BE%D0%B2%D0%BD%D0%BE_%D0%B8%D0%BB%D1%8C%D1%8F_%D1%80%D0%B5%D0%B7%D0%BD%D0%B8%D0%BA_%D0%BF%D0%BE%D0%BC%D0%B5%D0%BD%D1%8F%D0%BB_%D0%BF%D0%BC%D0%B6_?obOrigUrl=true
Title: "Как это наполняет нас духовно!": Илья Резник поменял ПМЖ zahav.ru

Search URL Search Domain Scan URL

URL: https://forschung.aktuelles-zur-gesundheit.com/de-de/lp-psl-outbrain-prf-pdeoutprf211118?utm_source=outbrain&utm_medium=cpc&utm_campaign=pdeoutprf211118&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Ein großer Fehler, den Menschen machen, wenn es um Gelenkschmerzen geht aktuelles-zur-gesundheit.com | ממומן

Search URL Search Domain Scan URL

URL: https://salat.zahav.ru/Articles/3458883/%D0%B4%D1%80%D1%83%D0%B6%D0%B8%D0%BB_%D1%81_%D0%BF%D1%83%D0%B3%D0%B0%D1%87%D0%B5%D0%B2%D0%BE%D0%B9_%D0%BF%D0%B5%D0%BB_%D1%81_%D0%BA%D0%BE%D0%B1%D0%B7%D0%BE%D0%BD%D0%BE%D0%BC_%D0%BE%D0%B1%D0%BD%D0%B8%D0%BC%D0%B0%D0%BB%D1%81%D1%8F_%D1%81_%D0%B1%D0%B0%D1%81%D0%BA%D0%BE%D0%B2%D1%8B%D0%BC_%D0%B0_%D1%83%D0%BC%D0%B5%D1%80_%D0%B2_%D0%BE%D0%B4%D0%B8%D0%BD%D0%BE%D1%87%D0%B5%D1%81%D1%82%D0%B2%D0%B5_%D0%B2_%D1%85%D0%BE%D1%81%D0%BF%D0%B8%D1%81%D0%B5?obOrigUrl=true
Title: Дружил с Пугачевой, пел с Кобзоном, обнимался с Басковым, а умер в одиночестве в хосписе zahav.ru

Search URL Search Domain Scan URL

URL: https://carsandyachts.com/trending/diese-legendaren-promis-sind-fitter-als-jemals-zuvor-schau-dir-den-vergleich-an-fruher-und-heute-ob-tinaturner/?utm_source=outbrain&utm_campaign=00b293ef7c5a8f8d9304dffd2023d9db0a&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Das+ist+sie+mit+81&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Das ist sie mit 81 Car And Yachts | ממומן

Search URL Search Domain Scan URL

URL: http://dcx.walla.co.il/walla_news_files/26657d5ff9020d2abefe558796b99584.pdf
Title: Декларация о доступности

Search URL Search Domain Scan URL

URL: http://dcx.walla.co.il/walla_news_files/e2ef524fbf3d9fe611d5a8e90fefdc9c.pdf
Title: Правила использования

Search URL Search Domain Scan URL

URL: http://dcx.walla.co.il/walla_news_files/812b4ba287f5ee0bc9d43bbf5bbe87fb.pdf
Title: Политика конфиденциальности

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zahav.ru/ HTTP 301
https://www.zahav.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 122

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=aGJC5XxqWkd2NXF2RTlicGYvck1KUmo2QTc2TmgxRHRINXhQNWRZQStoZzhSL083bmFpSzFqNHpCN0xselBodDl3dFNuRlJLTjYzNi9JaFhMakN5RjVXVldOeHZRblpITkR5N29rRjBsZGpQWTZsTURzZ3FmUVFFL1BWNUxKbjR2ejRvN1VTOEhDa3YxQlAvVjYrK0kyeUJwcDVmSzZGNURocXBFTSs2OUVwYVpWSzJJYVpuUWpiT1JhUDhaOGVtcUVKd2FTSzkya0ZmbldTNEdpNnJpaVRrRWx2TStSU05iRXdYc21mTUJmY3dXVjZjPXw&cppv=2

Request Chain 159

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=250&slotname=5496f3e.861ac88&adk=3028301708&adf=2877828173&pi=t.ma~as.5496f3e.861ac88&w=300&lmt=1637737962&psa=0&format=300x250&url=https%3A%2F%2Fwww.zahav.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637737962400&bpp=3&bdt=1114&idt=77&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce710ba4f546328f-22a4df59f6cb0084%3AT%3D1637737962%3AS%3DALNI_Mb3yIhR0Rdvd8unC6wYMa6xx0TvlA&correlator=3512372123541&frm=20&pv=2&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=985&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063796&oid=2&pvsid=432946270986874&pem=447&tmod=1101712990&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=11&uci=a!b&btvi=1&fsb=1&xpc=Ncr38fvnXH&p=https%3A//www.zahav.ru&dtd=93 HTTP 302
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=8

Request Chain 290

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 340

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=d65eebd.ff328a6&adk=956434102&adf=1016731520&pi=t.ma~as.d65eebd.ff328a6&w=300&lmt=1637737965&psa=0&format=300x600&url=https%3A%2F%2Fwww.zahav.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637737965324&bpp=1&bdt=4038&idt=0&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce710ba4f546328f%3AT%3D1637737962%3AS%3DALNI_MauvqGiBNWiBAiCaCKIrbU2UcPwlg&prev_fmts=300x250%2C0x0&nras=1&correlator=3512372123541&frm=20&pv=1&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=985&ady=4257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063796&oid=2&pvsid=432946270986874&pem=447&tmod=1101712990&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=13&uci=a!d&btvi=2&fsb=1&xpc=rBysEZJiLQ&p=https%3A//www.zahav.ru&dtd=4 HTTP 302
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=35

Request Chain 341

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=7c0d836.c26cd4d&adk=1842024176&adf=983765939&pi=t.ma~as.7c0d836.c26cd4d&w=160&lmt=1637737965&psa=0&format=160x600&url=https%3A%2F%2Fwww.zahav.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637737965330&bpp=1&bdt=4044&idt=0&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce710ba4f546328f%3AT%3D1637737962%3AS%3DALNI_MauvqGiBNWiBAiCaCKIrbU2UcPwlg&prev_fmts=300x250%2C0x0%2C300x600&nras=1&correlator=3512372123541&frm=20&pv=1&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=315&ady=1633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063796&oid=2&pvsid=432946270986874&pem=447&tmod=1101712990&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=14&uci=a!e&btvi=3&fsb=1&xpc=hXdt8OhrS5&p=https%3A//www.zahav.ru&dtd=2 HTTP 302
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=40

Request Chain 343

https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 344

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 347

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB&dcc=t

Request Chain 348

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZ3l7ZMhxRsQPWz1QhO0DQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJkipLLYR2e6eF1F6niJXqU&google_cver=1&gdpr=1

Request Chain 350

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOyTQ1pbDqjNx9BK_Ukxgco&google_cver=1

Request Chain 351

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bef415e3-426f-4da4-a082-d36e30ba3a4c

Request Chain 353

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c6f1619d-e5ed-4d00-9b4b-14097c4a020f&gdpr=1&gdpr_consent=

Request Chain 358

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=cf5042c.1d33ff9&adk=3182670032&adf=469762760&pi=t.ma~as.cf5042c.1d33ff9&w=160&lmt=1637737966&psa=0&format=160x600&url=https%3A%2F%2Fwww.zahav.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637737966323&bpp=1&bdt=5037&idt=1&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce710ba4f546328f%3AT%3D1637737962%3AS%3DALNI_MauvqGiBNWiBAiCaCKIrbU2UcPwlg&prev_fmts=300x250%2C0x0%2C300x600%2C160x600&nras=1&correlator=3512372123541&frm=20&pv=1&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=985&ady=4257&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063796&oid=2&pvsid=432946270986874&pem=447&tmod=1101712990&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=15&uci=a!f&btvi=4&fsb=1&xpc=g25oir2hEq&p=https%3A//www.zahav.ru&dtd=5 HTTP 302
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=36

Request Chain 359

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=971f632.db8f29c&adk=568524247&adf=3542991247&pi=t.ma~as.971f632.db8f29c&w=120&lmt=1637737966&psa=0&format=120x600&url=https%3A%2F%2Fwww.zahav.ru%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637737966460&bpp=1&bdt=5174&idt=0&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce710ba4f546328f%3AT%3D1637737962%3AS%3DALNI_MauvqGiBNWiBAiCaCKIrbU2UcPwlg&prev_fmts=300x250%2C0x0%2C300x600%2C160x600%2C160x600&nras=1&correlator=3512372123541&frm=20&pv=1&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=315&ady=1633&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063796&oid=2&pvsid=432946270986874&pem=447&tmod=1101712990&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=16&uci=a!g&btvi=5&fsb=1&xpc=Do8b0UcXku&p=https%3A//www.zahav.ru&dtd=3 HTTP 302
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=38

356 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.zahav.ru/
Redirect Chain

http://zahav.ru/
https://www.zahav.ru/

205 KB
102 KB

40ms
12ms

Document
text/html

143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: cdd45a27aabbc48aed2c2a1128e0aa5908771f813ed1a23a9256799a154c00a3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
date: Wed, 24 Nov 2021 07:12:40 GMT
server: openresty/1.15.8.1
cache-control: public, max-age=60
etag: W/"33369-Gst1Ej9lP6Yqx8KalF/gAryQtVk"
x-cached: HIT
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: FtgVbRgexUgJwX-qR0nhxOyeAEaf-eSrubQ6vc5q-SN_rBBqcUmoNg==
age: 1

Redirect headers

Content-Length: 0
Connection: keep-alive
Date: Wed, 24 Nov 2021 05:21:52 GMT
Location: https://www.zahav.ru/
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: tIPH6mshI_CoDIc2tn4OcXsXoGJGw00FZ6z0VORMHgXivBy3ApvKqA==
Age: 6650

GET
H2 200 logo-desktop.png
www.zahav.ru/public/zahav/images/ 4 KB
5 KB 8ms
8ms Image
image/png 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zahav.ru/public/zahav/images/logo-desktop.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:36 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 12:14:06 GMT
server: openresty/1.15.8.1
age: 67325
etag: W/"1151-17d4cb7aeb0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4433
x-cached: HIT
x-amz-cf-id: B9ZhvvfvEznpmQBnx59fh8mD9DiiBIiN5QepimYR5C8D02xX2VrhSg==

GET
H2 200 1250.png
www.zahav.ru/public/assets/weather/big-icons/ 2 KB
3 KB 8ms
8ms Image
image/png 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zahav.ru/public/assets/weather/big-icons/1250.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 3fb9debb557dd5a533cb73ce06be9d49ed46246953a24a229c6191cde888cac0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:36 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 12:14:06 GMT
server: openresty/1.15.8.1
age: 67325
etag: W/"9cc-17d4cb7aeb0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2508
x-cached: HIT
x-amz-cf-id: JGdrtm9rkTs5SQS-7NJTe-4D683ZxVfPIAgmKq5VjWsPAvstjWxvHw==

GET
H/1.1 200
OK zahavru-prod.js Show response
cdn.valuad.cloud/hb/ 696 KB
192 KB 70ms
13ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

ef0973cb3b18ff0678552fa5b096b415333fda69203912fc483394c2685e19a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Connection: Keep-Alive
Last-Modified: Tue, 23 Nov 2021 15:20:01 GMT
x-amz-request-id: tx00000000000004f73aaf9-00619d0abe-19f92f43-fra1a
etag: "389cd44ce253a61bb1e8c3f3a0c340a8"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1637737961.dop168.fr8.t,1637737961.cds103.fr8.shn,1637737961.dop168.fr8.t,1637737961.cds287.fr8.c
Content-Type: application/javascript
cache-control: public, max-age=86400
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 195686

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 138 KB
49 KB 44ms
15ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ec5e9527b2ff77e24db371ed266bcb8f415f91f6431d7f22fc240dd1236297c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49529
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Nov 2021 07:12:41 GMT

GET
H/1.1 200
OK 1977466.jpg
images.newsru.co.il/l/197/74/ 139 KB
140 KB 512ms
182ms Image
image/jpeg 216.41.223.54
CLOUDPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.newsru.co.il/l/197/74/1977466.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.41.223.54 Stamford, United States, ASN33570 (CLOUDPATH, US),
Reverse DNS
Software: nginx /
Resource Hash: 3c6338d8fba2bc58292cf93c0fc14c2a50f015f58fb5ab734812bfa8fdd06d5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:07:59 GMT
Last-Modified: Wed, 24 Nov 2021 06:34:40 GMT
Server: nginx
ETag: "619ddd00-22db1"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 142769
Expires: Wed, 01 Dec 2021 07:07:59 GMT

GET
H2 200 555500_Soldiers_dining_room_Ofer_Vaknin.jpg
detaly.co.il/wp-content/uploads/2021/11/ 89 KB
90 KB 86ms
28ms Image
image/jpeg 2a06:98c1:3120::15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://detaly.co.il/wp-content/uploads/2021/11/555500_Soldiers_dining_room_Ofer_Vaknin.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c374cd2f617957c132d99428d99c041cbf5367f75f51a3b0f499bd60f84849

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4163
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 91271
last-modified: Tue, 23 Nov 2021 18:43:47 GMT
server: cloudflare
etag: "619d3663-16487"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMYKQpjhaYS44g3gEh6W3Gs%2B5Dqbm2s5IOznFjnYVEameDnGlZt2d0P%2FFXz5FhFGb%2FrMcoPvPieQtanHq7HqyxugqN34bOdOEeVxqEdVajBntmxaaVPx5wDW7u%2FIREcRhhm%2F2JTmG1Lv0NY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b30d492ad5a59dd-MXP
cf-bgj: h2pri

GET
H2 200 24_11_police_press_3_2_cropped.jpg
detaly.co.il/wp-content/uploads/2021/11/ 178 KB
179 KB 124ms
66ms Image
image/jpeg 2a06:98c1:3120::15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://detaly.co.il/wp-content/uploads/2021/11/24_11_police_press_3_2_cropped.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe2a65a27c2144767b1cc6325cd36538f531cd2cb2b7784644829ba54537093d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 541
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 182128
last-modified: Wed, 24 Nov 2021 07:01:55 GMT
server: cloudflare
etag: "619de363-2c770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zc6tOijtAZStzTyohuqtCZSQNdkcv22kUwn38h8GNLJOla1dpcWTYFqMGNxhmRS6PNWjGvMBMoFMrcKTBl0V%2FpT2IvwNNVz2Tk3Y9AhVK9x8IjhPpY8NoVHNDOG2DVCcNeq84YHrZgHmiAU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b30d492ad5c59dd-MXP
cf-bgj: h2pri

GET
H2 200 b15464918c6dca47b39b604aeade2e41.jpg
mignews.com/media/cache/b1/54/ 37 KB
38 KB 66ms
18ms Image
image/jpeg 167.71.79.41
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mignews.com/media/cache/b1/54/b15464918c6dca47b39b604aeade2e41.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.71.79.41 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e11547b9a42b6984c261a24fcccdeba22e81b647e21f9b98628264b31c5d10da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
last-modified: Wed, 24 Nov 2021 06:58:13 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "619de285-957f"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 38271
expires: Thu, 24 Nov 2022 07:12:41 GMT

GET
H2 200 img_id=17439.jpg
www.9tv.co.il/download/pictures/ 216 KB
217 KB 211ms
67ms Image
image/jpeg 185.162.125.103
CLOUDWEBMANAGE-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.9tv.co.il/download/pictures/img_id=17439.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.162.125.103 Haifa, Israel, ASN44709 (CLOUDWEBMANAGE-, IL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ff4790d21d59f482ed9347c8abce6254ad549e877bdf624c7e471b443d7d407b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
last-modified: Wed, 03 Feb 2021 23:29:34 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "1e96646e84fad61:0"
content-type: image/jpeg
accept-ranges: bytes
content-length: 221550

GET
H2 200 hEeRjdpN3B1JUmeSY79VvJb9vpF0DS2H.jpg
cursorinfo.co.il/wp-content/uploads/2020/01/ 137 KB
138 KB 89ms
32ms Image
image/jpeg 2a06:98c1:3120::15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cursorinfo.co.il/wp-content/uploads/2020/01/hEeRjdpN3B1JUmeSY79VvJb9vpF0DS2H.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b016599c2c3993a2762117380d6960241db667dc2c50ad497434a73051eea50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143153
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 140165
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 24 Jan 2020 10:46:12 GMT
server: cloudflare
etag: "5e2acaf4-22385"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cX2opoKbXkoLIgFG5kIXvt910sPRvLlLaq89ZclPPOSXEiHWKL4z05u9RcVQenRyVd0lvi5nExTL4E3fxK%2BRCZCcilyF9%2BqANNHPEO%2FFvhSXL6NorjVX73Ucl3eb77i62KW0wCueSM2LwdyZomUZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6b30d492ac690f7e-MXP
expires: Tue, 22 Nov 2022 15:26:48 GMT

GET
H2 200 liberman-547649-tomer-appelbaum.jpg
nep.detaly.co.il/wp-content/uploads/2021/07/ 30 KB
31 KB 86ms
30ms Image
image/jpeg 2a06:98c1:3120::15
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nep.detaly.co.il/wp-content/uploads/2021/07/liberman-547649-tomer-appelbaum.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ea6e68f289976303b5b7d9287722d6b904ab62269f5a251a8af0f7dd962f41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6766
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30703
last-modified: Thu, 15 Jul 2021 09:34:22 GMT
server: cloudflare
etag: "60f0011e-77ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rret6jd4T35GEPDN8Ue%2BQ3CDZxnaKkrcK9bYxf45MvbPfvW2%2BclBypXDjd2rSWuHlyibCMoNKGtY6GPuYdGphtcLNjZHHjm7HaYw3PdZb%2Fe2xov6Xd8bNSzSBB6uqBDtZkv28PJjHdj5T8d3Z%2BQU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 6b30d492a9d60f5a-MXP
cf-bgj: h2pri

GET
H2 200 _107184695_2long-nc.png
c.files.bbci.co.uk/E900/production/ 1 KB
2 KB 86ms
16ms Image
image/png 2a02:26f0:6c00:2bb::f33
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.files.bbci.co.uk/E900/production/_107184695_2long-nc.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:2bb::f33 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 99e6ad57587632a7718dac73fed9b80cd0a14a993e90bff4fca15809e855d6db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: rqW84XVfh54OAljLlAoFIMPgUq4LVqql
etag: "8d5477d64b105e2fd4f4ffd16485020c"
nel: {"report_to":"default","max_age": 604800,"include_subdomains":true,"failure_fraction":0.01}
x-amz-request-id: 342B64BB3C1F1093
report-to: {"group":"default","max_age":3600,"endpoints":[ {"url":"https://europe-west1-bbc-otg-traf-mgr-bq-prod-4591.cloudfunctions.net/report-endpoint","priority":1} ],"include_subdomains":true}
content-length: 1080
x-amz-id-2: Q7UnA5se80WOkJy0grgjXQ2jQ0pzzcswjJa7Ne8oDPVZNXXD6k2sEfJLHgfMqqjnYbGwq1+sOck=
last-modified: Mon, 03 Jun 2019 05:02:40 GMT
server: AmazonS3
date: Wed, 24 Nov 2021 07:12:41 GMT
access-control-max-age: 300
access-control-allow-methods: HEAD,GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: https://www.bbc.co.uk, https://www.bbc.com
access-control-allow-headers: *

GET
H2 200 d100_70.png
pogoda.co.il/img/pogoda/ 3 KB
4 KB 80ms
29ms Image
image/png 2606:4700:3036::6815:43eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pogoda.co.il/img/pogoda/d100_70.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673cfa216f5ba0d28634c396c15255f3efc2c3c4e728f7fcb41b56407541cb9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 95940
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3313
last-modified: Sat, 12 Jun 2021 07:18:46 GMT
server: cloudflare
etag: "cf1-5c48c6f572180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVkhZS5EWZFAy6fMkc6PXT325YU89aOD2nRe2FufCPL3gcXdcUR9XY1%2Fqv1jmNCVl6eTsQr%2BDed7hDuAjEZbPQc%2BKZ1wAECu7dj6HBauWlnSSzjg4r%2BOPXna%2Fm4XvLsAM2W7GjJ71m4mgpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b30d492ee40375b-MXP
expires: Thu, 23 Dec 2021 04:33:41 GMT

GET
H2 200 SE.png
pogoda.co.il/img/ico/ 470 B
804 B 78ms
27ms Image
image/png 2606:4700:3036::6815:43eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pogoda.co.il/img/ico/SE.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c6695ea4202ee5e9433ece9ce611d857859b1c43992ee3b8ed1b54d5d34bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2268822
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 470
last-modified: Sat, 12 Jun 2021 07:18:46 GMT
server: cloudflare
etag: "1d6-5c48c6f572180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbYMfx9hTtyCBUpEMqhKJp7%2BDYCqB3AzQsbG9ZNuAtKlMAZQ5deW4XFUl0x5YlxVgCE%2FEv0WWbrlc%2FstCaD8FUcSE4SzDrWqMx87q1ccM1rOdLcP21lvInxJTXS5DwHWmhZDtfjr54%2Fq0tQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b30d492ee42375b-MXP
expires: Sun, 28 Nov 2021 00:58:59 GMT

GET
H2 200 d300_70.png
pogoda.co.il/img/pogoda/ 4 KB
4 KB 80ms
29ms Image
image/png 2606:4700:3036::6815:43eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pogoda.co.il/img/pogoda/d300_70.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6c707723cda650cee5b1dfa1280562ae1c4c6aee9cd472e9535657ec36b91a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2334626
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3913
last-modified: Sat, 12 Jun 2021 07:18:46 GMT
server: cloudflare
etag: "f49-5c48c6f572180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eczs%2FQSxIjh0JZwv8FbBPtocTaWM4le1Bk4wz04ueu15yNt%2BrfgURxBzkry4e5r8rfBWIfSLAjaQwqZyU6K%2BYJGqSqbHsTs2p6QLybtavS8LJPZYqLNaRv01erwPY1wFiXdfjU1jA6wiVBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b30d492ee43375b-MXP
expires: Sat, 27 Nov 2021 06:42:15 GMT

GET
H2 200 S.png
pogoda.co.il/img/ico/ 503 B
840 B 79ms
27ms Image
image/png 2606:4700:3036::6815:43eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pogoda.co.il/img/ico/S.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e043bbb0ec44dfed5a5eb8f4cb5a4441668886d2aac49f9c2a739c57a875e241

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89569
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 503
last-modified: Sat, 12 Jun 2021 07:18:46 GMT
server: cloudflare
etag: "1f7-5c48c6f572180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg6cq8Q760P25%2BdZdoep6VujP07gZeWGu1xWWfw7rXndqFLCSG48cmIBoEfOxbsY%2BGsx7tG3cQtOARZhHtn%2FjMz4N0siw6HG9mDFS7RCeo0rv5s4%2BVIJ0lLEViwKdqTSEJ4tg3bPfLd4Zbg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b30d492ee44375b-MXP
expires: Thu, 23 Dec 2021 06:19:52 GMT

GET
H2 200 E.png
pogoda.co.il/img/ico/ 479 B
1 KB 78ms
26ms Image
image/png 2606:4700:3036::6815:43eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pogoda.co.il/img/ico/E.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:43eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3762f84554b341dd11c81e709e6df40bc62736f16e0c8ea4fe3e7e7c5f1bacf3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349280
x-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 479
last-modified: Sat, 12 Jun 2021 07:18:46 GMT
server: cloudflare
etag: "1df-5c48c6f572180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFWP5f6XFXCKWHtZqiLgnvdZsdqne3JbSvuMsQlVw8mLWj4w1eeIbgalTFeI03%2BIf%2ByI0aGYOmrGZrzoQC4O3AoXIKukP%2FfsLeQIvs3hxwSqLrBp%2BFvsGLw%2FbgFR8V58R4n%2B%2FV%2FvG%2BpfGBo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6b30d492ee46375b-MXP
expires: Mon, 20 Dec 2021 06:11:21 GMT

GET
H2 200 currency Show response
www.zahav.ru/ Frame F54F 1 KB
1 KB 8ms
8ms Document
text/html 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/currency
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: a620d0cc0e199b13300d4e785ec1a202189fcca6d647dff49611c5513cf419ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=utf-8
server: openresty/1.15.8.1
x-cached: MISS
content-encoding: gzip
date: Wed, 24 Nov 2021 07:02:17 GMT
cache-control: public, max-age=3600
etag: W/"481-zo0sWxMFAagrMqGut94XagQZ/A4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 72idH3Rs24YQroOKl6iNvlpkoujRRZLFEPj94d5kc68jKxY7BQNP2A==
age: 743

GET
H2 200 lenta Show response
www.zahav.ru/ Frame 9897 1 KB
1 KB 8ms
8ms Document
text/html 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/lenta
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 39eb62955ddb5e9b2944d1272f2a935f696d7f8a40bedfcdd2c6ba1790f71aff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=utf-8
server: openresty/1.15.8.1
x-cached: MISS
content-encoding: gzip
date: Wed, 24 Nov 2021 06:30:58 GMT
cache-control: public, max-age=3600
etag: W/"59f-hCFVco1TA6shZbYEa4aKwqQqGgI"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3k1oV6yjb6dpxybBYhDXsf_fOnybebp9QzO3PvkqhyfIADaf7LU--g==
age: 2517

GET
H2 200 mirtesen Show response
www.zahav.ru/ Frame 7099 813 B
1 KB 7ms
7ms Document
text/html 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/mirtesen
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 0b7a3a6f3c154e6f2b0e77424fa293292d119780f3043d7e729877e5b4a4c7bd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=utf-8
content-length: 813
server: openresty/1.15.8.1
x-cached: MISS
date: Wed, 24 Nov 2021 06:30:58 GMT
cache-control: public, max-age=3600
etag: W/"32d-6K+IWkYGBz3e5BEot3iCgY10Syg"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: x7Cup1Kj4kWDKGlAj1fp4C5XNSh0_nDxVQmVL_DqNtaXdmxPy1pf4g==
age: 2514

GET
H/1.1 200
OK / Show response
doska.zahav.ru/informer/ Frame E4C0 9 KB
3 KB 227ms
72ms Document
text/html 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 4f340f86038fbce1078446f7246c57ab96d1a69a34d9ab2c31c3e40fd0ba92e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

Server: nginx
Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2719
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Wed, 24 Nov 2021 07:11:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK / Show response
doska.zahav.ru/informer/ Frame 3D19 10 KB
3 KB 242ms
77ms Document
text/html 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9c3a7d243ce4564a03a00c6a4fcf493f2ba825bc61e02d4b349cbc421afe815d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

Server: nginx
Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2866
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Wed, 24 Nov 2021 07:11:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK iframe.php Show response
date.zahav.ru/ Frame E251 3 KB
2 KB 287ms
72ms Document
text/html 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 555611f5f67088e82a118f6595edde668c63da93d6de868c8b5686506157147d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

Server: nginx
Date: Wed, 24 Nov 2021 07:12:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1144
Connection: keep-alive
Keep-Alive: timeout=20
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 25 Oct 2021 07:12:41 GMT
Last-Modified: Mon, 25 Oct 2021 07:12:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK iframe.php Show response
date.zahav.ru/ Frame DC0D 3 KB
2 KB 447ms
216ms Document
text/html 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 15b60ab0183095d22f09994bc0d3a6dff9743a998d464922d510e35aff0e928e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

Server: nginx
Date: Wed, 24 Nov 2021 07:12:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1106
Connection: keep-alive
Keep-Alive: timeout=20
P3P: CP="CUR ADM OUR NOR STA NID"
Expires: Mon, 25 Oct 2021 07:12:41 GMT
Last-Modified: Mon, 25 Oct 2021 07:12:41 GMT
Cache-Control: no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 bbc_new.jpg
www.zahav.ru/public/zahav/images/ 454 KB
455 KB 12ms
8ms Image
image/jpeg 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zahav.ru/public/zahav/images/bbc_new.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 9fe53095d8381a3ffa7042a8cf71204970cb81a0898c50345f821f5dc289ac3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:36 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 12:14:06 GMT
server: openresty/1.15.8.1
age: 67325
etag: W/"718f1-17d4cb7aeb0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 465137
x-cached: HIT
x-amz-cf-id: CX8VFfCVroaC1oQX0-8uzxQx6YS-B49hg8JYLu9eZ6v7u4SqElbcEw==

GET
H2 200 wallaicons.woff
www.zahav.ru/public/font/fonticon/ 15 KB
15 KB 10ms
9ms Font
font/woff 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/public/font/fonticon/wallaicons.woff
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:37 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
last-modified: Tue, 23 Nov 2021 12:14:06 GMT
server: openresty/1.15.8.1
age: 67324
etag: W/"3bdc-17d4cb7aeb0"
x-cache: Hit from cloudfront
content-type: font/woff
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 15324
x-cached: MISS
x-amz-cf-id: bJi60XFs3B1BAJchKEvmaXW3lBZQtqDIyIALfGquA0WX4pFm3b6puw==

GET
H2 200 285_8d42c8b3f4839ceaf6ec_8d42c8b3f4839ceaf6ec_walla.js Show response
www.zahav.ru/public/ 294 KB
93 KB 9ms
8ms Script
application/javascript 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/public/285_8d42c8b3f4839ceaf6ec_8d42c8b3f4839ceaf6ec_walla.js
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: ed7536590ff2747730fd1e56d51d14ec4f8fc2edf4d5980073c69261cc87859c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:37 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 12:16:13 GMT
server: openresty/1.15.8.1
age: 67324
etag: W/"49690-17d4cb99ec8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nb9ecOS-zTBRDF9iaJRfxq-n3Kjr6y515LHVTwzTPxppMbwG8QpMYg==
x-cached: HIT

GET
H2 200 main_a30d54b3670f7723aee5_a30d54b3670f7723aee5_walla.js Show response
www.zahav.ru/public/ 783 KB
185 KB 9ms
8ms Script
application/javascript 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/public/main_a30d54b3670f7723aee5_a30d54b3670f7723aee5_walla.js
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 1be1b7921934df725ef62fcf8d8f08a4542520d29fc8018ca910cd11f7868b39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:34 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 12:16:13 GMT
server: openresty/1.15.8.1
age: 67327
etag: W/"c3b32-17d4cb99ec8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 5QJp9VJ8_kYmlOEORD22Y1qOb2dTsX3-hk34FHV5-R9iufEVfH2eTQ==
x-cached: HIT

GET
H2 200 zahav_7d22135c85ca64c7535a_7d22135c85ca64c7535a_walla.js Show response
www.zahav.ru/public/ 93 KB
23 KB 10ms
9ms Script
application/javascript 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zahav.ru/public/zahav_7d22135c85ca64c7535a_7d22135c85ca64c7535a_walla.js
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: openresty/1.15.8.1 /
Resource Hash: 6dbc009775d8a4b5a7e76fae1b83953e75dc7f7ee0761eeeb88d1961fceecb32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:30:36 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 12:16:13 GMT
server: openresty/1.15.8.1
age: 67325
etag: W/"174ea-17d4cb99ec8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ScQosBLb3OHvo7rjyci856YXbA20YlynwQlORC0llpqktgmyuZ5l2w==
x-cached: HIT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 187 KB
65 KB 89ms
17ms Script
application/x-javascript 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 024f1a1d9460ab485743591d37945a937678f1416e1d5d189114538e2355398b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 01:03:05 GMT
etag: W/"2ed92-pjYAMRADJmo/kZmhL9IEgEYTijE"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 2986c36c4a94e0785d5f0e54c6ea6131
timing-allow-origin: *, *
content-length: 66537
expires: Wed, 24 Nov 2021 11:12:41 GMT

GET
H/1.1 200
OK widget-vertical-editable Show response
freecurrencyrates.com/ru/ Frame F54F 79 KB
23 KB 100ms
46ms Script
application/javascript 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://freecurrencyrates.com/ru/widget-vertical-editable?iso=ILSUSDEURGBPCHFRUBUAH&df=1&p=FsphPQwN4&v=fits&source=fcr&width=300&width_title=0&firstrowvalue=1.00&thm=A6C9E2,FCFDFD,4297D7,5C9CCC,FFFFFF,C5DBEC,FCFDFD,2E6E9E,000000&title=%D0%9A%D0%BE%D0%BD%D0%B2%D0%B5%D1%80%D1%82%D0%B5%D1%80%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82&tzo=-120
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: dd984fafb4fcf853c270e5143c0c48475576d8100cf725c3a483571d06d81fd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 zahav.ru.684064.js Show response
jsc.lentainform.com/z/a/ Frame CDFA 2 KB
1 KB 105ms
41ms Script
text/javascript 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.js?t=12110247
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/lenta
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23656a72bb495bc77bd844aedcded06ad3cdcfbbf9606b0d21e54703ebdcabf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6274
last-modified: Fri, 19 Nov 2021 09:45:26 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: Z38K04SJDS2H5CFS
x-amz-id-2: mjBcO4FkCGROptOIvRACWhZ/FHkxirpam0f6Sqwq/IIyG4iJfWAIYBNq2De/3l2gX2DbYxe/L4Q=
cf-bgj: minify
server: cloudflare
etag: W/"1cefed083d6768f005a70c930e80b10e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b30d4934e0cd214-MAN
expires: Wed, 24 Nov 2021 10:12:41 GMT

GET
H/1.1 200 98593.js Show response
smi2.ru/data/js/ Frame 7099 5 KB
3 KB 214ms
71ms Script
application/javascript 185.162.95.74
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://smi2.ru/data/js/98593.js
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.162.95.74 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: ads5-2.smir10.imcmdb.net
Software: nginx /
Resource Hash: cdc80cdeb5775fb23ae21bb0351810b03f776bbe41ef46e485fc475390741510

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 24-Nov-2021 07:12:41 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: close

GET
H2 200 fab.js Show response
ecdn.analysis.fi/static/js/ 4 KB
2 KB 36ms
7ms Script
application/javascript 143.204.98.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.analysis.fi/static/js/fab.js
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-97.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:43:44 GMT
content-encoding: gzip
last-modified: Tue, 23 Nov 2021 13:04:51 GMT
server: nginx/1.18.0
age: 1737
etag: W/"619ce6f3-10af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0KCKltLfF0BCHvY5muTbLnuS_NdM38uORBNRIfnh7_nTSwxiWxZQ2A==
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
expires: Wed, 24 Nov 2021 07:43:44 GMT

GET
H2 200 fi_client.js Show response
ecdn.firstimpression.io/ 345 KB
92 KB 56ms
8ms Script
application/javascript 143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ecdn.firstimpression.io/fi_client.js

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-113.fra50.r.cloudfront.net

Software

nginx/1.18.0 / PHP/7.3.23

Resource Hash

38d106ce6fee3feb0f173bced76f37fbec4cfcc166da5fc9b497c4c820369ceb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:43:42 GMT
content-encoding: br
age: 1739
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
x-xss-protection: 0
access-control-allow-origin: *
last-modified: Wed, 24 Nov 2021 06:43:42 UTC
server: nginx/1.18.0
etag: W/"e16df3a06898c99d6a18240a5c132ef8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Zc7rwZSR9rf5jIyG478_cYoLt523oied8d4bp9XJhFgncn4iILottA==
expires: Wed, 24 Nov 2021 07:43:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58RVJLV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 694
date: Wed, 24 Nov 2021 07:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 24 Nov 2021 09:01:07 GMT

GET
H/1.1 200
OK widget.js Show response
d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/ 736 B
1 KB 35ms
8ms Script
application/javascript 143.204.101.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-73.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 26 Jul 2021 00:55:08 GMT
Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 01 Feb 2018 11:19:16 GMT
Server: AmazonS3
Age: 10477053
ETag: "4d15062a4e2290d32a7e395b47be5382"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=29030400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 736
X-Amz-Cf-Id: jclCRmEZwUGaV3Pra-fpadaETLk_YVBwdbrsy3pp-YE_USEQkGH9BA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 55ms
18ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/public/285_8d42c8b3f4839ceaf6ec_8d42c8b3f4839ceaf6ec_walla.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1053 / 916 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Nov 2021 07:12:41 GMT

GET
H2 200 3311256-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/3/1/1/ 22 KB
23 KB 47ms
10ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_500,t_54/3/3/1/1/3311256-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 32266c80aea8a74bc2a5effa05379f3309b7898a49033bd14a9639156c5d3c2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:56:36 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 965
edge-cache-tag: 277733215684824598338438274649758092322,394006591263767220930856094393604092589,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 22414
x-request-id: 6d7d1eb54d561a4228d5ed955cb4107f
x-served-by: cache-dca17735-DCA
last-modified: Wed, 24 Nov 2021 06:56:37 GMT
server: cloudinary
x-timer: S1637736996.783404,VS0,VE525
etag: "6696cd20229a4edd5c28f3cc4504715f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: UtDM3VfQKP9xZ4SbVO7Mgym4LSylORF2LlgBkZirqyGsJ5EdQ0vUqA==
x-cache-hits: 0

GET
H2 200 3280120-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300/3/2/8/0/ 12 KB
13 KB 52ms
15ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300/3/2/8/0/3280120-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 7340770b65ecbf03f94060537bf67564e05ab5885a262d38ec4905dbf3033dbc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:10:59 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 61302
edge-cache-tag: 192167292030805588118476605249472399675,234998621394911990924026881526579830206,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 12230
x-served-by: cache-wdc5536-WDC
last-modified: Tue, 23 Nov 2021 14:10:24 GMT
server: cloudinary
x-timer: S1637676659.995876,VS0,VE23
etag: "7d07d2a713bbb9a5711ee20070995b8a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 0GbcpGsSnf10WjHo1rjlEa5uiWGsxoaXDdkM0tNiUDjRQe0wItkoxA==
x-cache-hits: 0

GET
H2 200 3311296-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300/3/3/1/1/ 11 KB
12 KB 52ms
15ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300/3/3/1/1/3311296-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 16aa5d8fdf0af208b350a18e4bdbe22192c1c80f47feffd8a8e682c6addd8f97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:04:41 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 480
edge-cache-tag: 394698949143985594189303658236035097614,234998621394911990924026881526579830206,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 11474
x-request-id: 27fde82ba93513931f221ecde3b6bc6d
x-served-by: cache-bwi5078-BWI
last-modified: Wed, 24 Nov 2021 07:04:27 GMT
server: cloudinary
x-timer: S1637737481.431513,VS0,VE1
etag: "80fc43522829451fd3e390f8a68da8ea"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _f7NNZTeibbYhwXDX8nmpdyTey31JTyQdtkoNl0XCQ3rQ0QLvc9ypA==
x-cache-hits: 1

GET
H2 200 3039726-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300/3/0/3/9/ 12 KB
13 KB 53ms
17ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300/3/0/3/9/3039726-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 5c39330d08ba3d7379826f1e5034ef172dcbc08c61f4477960f20b52353052d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:17:50 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 82491
edge-cache-tag: 186304777377214059491346072882054181251,234998621394911990924026881526579830206,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 12424
x-served-by: cache-bwi5063-BWI
last-modified: Wed, 02 Jun 2021 06:08:22 GMT
server: cloudinary
x-timer: S1637655470.474836,VS0,VE1
etag: "80abd7eb6b25e0d03265a75069ecd847"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: WFzFfH07eZ9VtMqrKwiTKWmhpJJq67gGv3sw8r4fvpa9U7iMhv9jog==
x-cache-hits: 1

GET
H2 200 3309397-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300/3/3/0/9/ 9 KB
10 KB 52ms
16ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300/3/3/0/9/3309397-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: f25c4a9b5af7edc461eb740f40fdbad0147ecd53a915669652feac6726d33b2b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:35:47 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 81414
edge-cache-tag: 138797729021214496857260614647337387461,234998621394911990924026881526579830206,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 9537
x-served-by: cache-dca17745-DCA
last-modified: Fri, 19 Nov 2021 08:06:37 GMT
server: cloudinary
x-timer: S1637656547.128673,VS0,VE1
etag: "ad6e34fd997356cfe5ec856eae7b002c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: d3BcwGezN9bNeBXbXS931CEdK2ObeiVVOARUH3j5HnVRy6_8JoG7Jw==
x-cache-hits: 1

GET
H2 200 3311035-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300/3/3/1/1/ 12 KB
13 KB 52ms
16ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300/3/3/1/1/3311035-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: d4aa78cdbdb8d32c7f93590c7f4572a2f93c25cd7f0d5f87c01d86e4c22b181d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 12:05:37 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 68824
edge-cache-tag: 346067159444529638692667313629981889206,234998621394911990924026881526579830206,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 12516
x-request-id: 1ce3654c436155bcf15cf1160c3ae1b3
x-served-by: cache-dca17737-DCA
last-modified: Tue, 23 Nov 2021 12:05:15 GMT
server: cloudinary
x-timer: S1637669138.749126,VS0,VE1
etag: "fe8223c3283b6ca331ca7499faee955d"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: X26z9LIntCqXLPpRt8lDAYbKfshysU_9mxC3mqGcP_HcfYHXFS4PFA==
x-cache-hits: 1

GET
H2 200 3311282-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300/3/3/1/1/ 11 KB
12 KB 43ms
9ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300/3/3/1/1/3311282-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 5c52f5cab1e8476e88f9500e2d5ddea7aa19dfcbe8120f3b6c124a9cf67c0a2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:42:57 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 1784
edge-cache-tag: 259076641750112471830857729897009745104,234998621394911990924026881526579830206,d2bce9e04f88d43dd8350e859c701704
status: 200 OK
x-cache: Hit from cloudfront
content-length: 11570
x-request-id: 4cfde732ad9e3fb5f2d224c031810edd
x-served-by: cache-bwi5031-BWI
last-modified: Wed, 24 Nov 2021 06:42:58 GMT
server: cloudinary
x-timer: S1637736177.554013,VS0,VE631
etag: "be9f5d094b658b41682a097789134286"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 8ogEr0kf5qphbct9BC-mCR1_PWqmAqr4AjTiWzI0A56AGrt8vSUSgQ==
x-cache-hits: 0

GET
H2 200 3107540-46.jpg
img.wcdn.co.il/f_auto,q_auto,w_300/3/1/0/7/ 13 KB
13 KB 14ms
14ms Image
image/jpeg 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.wcdn.co.il/f_auto,q_auto,w_300/3/1/0/7/3107540-46.jpg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: cloudinary /
Resource Hash: 5c92e614f042b7b706fc3d808225ffa3baf1a3c43a782eb4600ae056a6cd9103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:00:36 GMT
via: 1.1 varnish, 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
age: 725
edge-cache-tag: 146523302186288310446545471266355915482,234998621394911990924026881526579830206,d2bce9e04f88d43dd8350e859c701704
x-cache: Hit from cloudfront
content-length: 13007
x-served-by: cache-wdc5535-WDC
last-modified: Mon, 22 Nov 2021 22:59:20 GMT
server: cloudinary
x-timer: S1637737236.172623,VS0,VE1
etag: "a6fed592ed66eb6173229ff82adf2f72"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31557600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-amz-cf-id: psn20Q4utJyEhoj-3xX8YrojGyFrK59otgkZQGwMfvKfNYTIhGU4sA==
x-cache-hits: 1

OPTIONS
H2 200 init
hb-dot-valuad.appspot.com/ Frame 0
0 139ms
101ms Preflight
text/html 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Origin: https://www.zahav.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.zahav.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: content-type,x-request-id,x-vad-version
x-request-id: undefined
x-cloud-trace-context: 99aaf9479cb134477ff62b56df7dd1e8
date: Wed, 24 Nov 2021 07:12:41 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 init Show response
hb-dot-valuad.appspot.com/ 38 B
87 B 113ms
98ms Fetch
application/json 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/init?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86

Request headers

Accept: application/json
Referer: https://www.zahav.ru/
x-request-id: 18d520a1-90ba-4a91-867d-5918268622fa
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-vad-version: 0.3.7
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: gzip
server: Google Frontend
etag: W/"26-mVNvu0agnvYcPb+7WMdjUD1kmNU"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zahav.ru
x-cloud-trace-context: 9d27d893582bbf68f8d6d9b10f315b71
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64
x-request-id: undefined

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
664 B 30ms
7ms Image
image/x-icon 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 13:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 24 Nov 2021 13:28:01 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 17ms
17ms Image
image/svg+xml 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
last-modified: Thu, 18 Nov 2021 15:44:04 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1637250888.288614"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 24 Dec 2021 07:12:41 GMT

GET
H2 200 zahav.ru.684064.es6.js Show response
jsc.lentainform.com/z/a/ Frame CDFA 244 KB
68 KB 41ms
40ms Script
text/javascript 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.es6.js
Requested by: Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.js?t=12110247
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 716fdb79ea3fe7056262464bc8380ef4a87bc5c75938d7b9a5d5ee2fb0fb9985

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: br
cf-cache-status: HIT
age: 6274
last-modified: Fri, 19 Nov 2021 09:45:26 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: VJREW0G175BJ3H1F
x-amz-id-2: o+3oGACeB5TCRBKg+OqkEaxJmOPaLouWpnpRmGFzPR/I6FP0pf1ub5blTp9shKvP6cmULiLnvo8=
cf-bgj: minify
server: cloudflare
etag: W/"7df7d5b9b525bbd31951180b932bafe7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 6b30d4957f82d214-MAN
expires: Wed, 24 Nov 2021 10:12:41 GMT

GET
H/1.1 200
OK il.png
freecurrencyrates.com/flags/24/ Frame F54F 587 B
907 B 19ms
19ms Image
image/png 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecurrencyrates.com/flags/24/il.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 9e3c3c9dc24c88ba3faedd92493c57fffd88212868425c2d92895d7ee0fb1392

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Fri, 01 Jul 2016 20:43:45 GMT
Server: nginx/1.14.2
ETag: "5776d601-24b"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 587
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK us.png
freecurrencyrates.com/flags/24/ Frame F54F 656 B
976 B 40ms
20ms Image
image/png 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecurrencyrates.com/flags/24/us.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Fri, 01 Jul 2016 20:43:46 GMT
Server: nginx/1.14.2
ETag: "5776d602-290"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 656
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK eu.png
freecurrencyrates.com/flags/24/ Frame F54F 909 B
1 KB 54ms
18ms Image
image/png 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecurrencyrates.com/flags/24/eu.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: f880ef6584845869e5d81b2960b8eb81ec470b88ea8859dd75a2ef80f56fe8dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Fri, 01 Jul 2016 20:43:45 GMT
Server: nginx/1.14.2
ETag: "5776d601-38d"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 909
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK gb.png
freecurrencyrates.com/flags/24/ Frame F54F 1 KB
1 KB 58ms
21ms Image
image/png 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecurrencyrates.com/flags/24/gb.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Fri, 01 Jul 2016 20:43:45 GMT
Server: nginx/1.14.2
ETag: "5776d601-499"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 1177
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ch.png
freecurrencyrates.com/flags/24/ Frame F54F 532 B
852 B 60ms
23ms Image
image/png 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecurrencyrates.com/flags/24/ch.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 5618a1cdf82aad97f1c6240687b1707be691d2453d74a7a0234d62bf4bccd877

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Fri, 01 Jul 2016 20:43:45 GMT
Server: nginx/1.14.2
ETag: "5776d601-214"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 532
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ru.png
freecurrencyrates.com/flags/24/ Frame F54F 403 B
723 B 61ms
20ms Image
image/png 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecurrencyrates.com/flags/24/ru.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Fri, 01 Jul 2016 20:43:45 GMT
Server: nginx/1.14.2
ETag: "5776d601-193"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 403
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ua.png
freecurrencyrates.com/flags/24/ Frame F54F 476 B
796 B 42ms
19ms Image
image/png 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freecurrencyrates.com/flags/24/ua.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 70549240fea1a10a4c0ec5804693af68a23eeaaff15c9cd1883c0138c81847e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Fri, 01 Jul 2016 20:43:46 GMT
Server: nginx/1.14.2
ETag: "5776d602-1dc"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 476
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK touchcarousel.css
doska.zahav.ru/css/touchcarousel/ Frame E4C0 4 KB
1 KB 69ms
68ms Stylesheet
text/css 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "103e-5a7176818d1c9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1107

GET
H/1.1 200
OK three-d-skin.css
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame E4C0 2 KB
845 B 65ms
63ms Stylesheet
text/css 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "9bb-5a7176818d1c9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 558

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
doska.zahav.ru/js/ Frame E4C0 91 KB
33 KB 250ms
130ms Script
application/javascript 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/js/jquery-1.8.3.min.js
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "16dc5-5a717681a0a4a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33433

GET
H/1.1 200
OK jquery.touchcarousel-1.2.min.js Show response
doska.zahav.ru/js/ Frame E4C0 20 KB
5 KB 185ms
64ms Script
application/javascript 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/js/jquery.touchcarousel-1.2.min.js?v=109
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "4e8e-5a717681a0a4a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5279

GET
H/1.1 200
OK thumb-31f9efb508ad6511f54d5fc329f64ee7-web2.jpg
doska.zahav.ru/img/second-hand/2021-07/14/07/ Frame E4C0 7 KB
7 KB 60ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-07/14/07/thumb-31f9efb508ad6511f54d5fc329f64ee7-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 98a6f5b06a93432ff3190c9ea2dc378082124bbbf6a2c4f150bfdca8a5e62080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wed, 14 Jul 2021 04:29:11 GMT
Server: nginx
ETag: "60ee6817-1b38"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6968
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-588819cf86dc84eab05271e930f62b2b-web1.jpg
doska.zahav.ru/img/second-hand/2021-01/17/06/ Frame E4C0 8 KB
8 KB 60ms
59ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-01/17/06/thumb-588819cf86dc84eab05271e930f62b2b-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9841c9163bf0b6771b52553247b66654474a58821e5f41252d88e04a654a8631

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Sun, 17 Jan 2021 04:42:43 GMT
Server: nginx
ETag: "6003c043-1efe"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7934
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-580c7671b6de3e1d60ebdc73fffee0f7-web2.jpg
doska.zahav.ru/img/second-hand/2021-11/22/09/ Frame E4C0 7 KB
7 KB 60ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-11/22/09/thumb-580c7671b6de3e1d60ebdc73fffee0f7-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 16d2f962efd20bc2824674b6690e8537b1f223b57dee39c321d6c2685f9130d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Mon, 22 Nov 2021 19:09:42 GMT
Server: nginx
ETag: "619beaf6-1bf7"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7159
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-b2edc12fc8ba0748dc7b08272e455045-web2.jpg
doska.zahav.ru/img/second-hand/2021-04/14/07/ Frame E4C0 10 KB
11 KB 69ms
67ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-04/14/07/thumb-b2edc12fc8ba0748dc7b08272e455045-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: af0113554bc3983c2c432995ed8a4b40cfa2331aa3eb77ac2a89e5cdcfae6773

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wed, 02 Jun 2021 15:19:17 GMT
Server: nginx
ETag: "60b7a175-2960"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10592
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-427c51656293f66fc4d20292f0181728-web1.jpg
doska.zahav.ru/img/second-hand/2017-04/05/11/ Frame E4C0 9 KB
9 KB 68ms
67ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2017-04/05/11/thumb-427c51656293f66fc4d20292f0181728-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 2be08cee1fabecbc458c034e76a5201aff210e388eeb6c93809d55ac2a1a5ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wed, 05 Apr 2017 08:00:40 GMT
Server: nginx
ETag: "58e4a428-222e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8750
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-9f8c00110990185f13af03679ae73a50-web2.jpg
doska.zahav.ru/img/second-hand/2019-01/13/09/ Frame E4C0 12 KB
12 KB 68ms
67ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2019-01/13/09/thumb-9f8c00110990185f13af03679ae73a50-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 20b9c4931e008ecf26805fe1f9ea7a0a7527085728bc8d80e829e387cdb81bc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wed, 13 Mar 2019 11:36:55 GMT
Server: nginx
ETag: "5c88eb57-2eb1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11953
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-82b69a289c057a20fd60c765be0716c4-web1.jpg
doska.zahav.ru/img/second-hand/2017-06/08/08/ Frame E4C0 8 KB
8 KB 66ms
66ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2017-06/08/08/thumb-82b69a289c057a20fd60c765be0716c4-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: ffef300615d351a8d348d62a6a33e175b1f43439fa08656f3d542b2e8b869918

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Thu, 08 Jun 2017 05:56:09 GMT
Server: nginx
ETag: "5938e6f9-1e36"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7734
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-knoq5k0r0ca9zksiuer32prc479pd0rc-web1.jpg
doska.zahav.ru/img/second-hand/2019-06/24/05/ Frame E4C0 4 KB
5 KB 61ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2019-06/24/05/thumb-knoq5k0r0ca9zksiuer32prc479pd0rc-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: b4a06476a8abb5d0cb26b19c9bff44a17ff6519e41a81312643e3ca4d15cfc06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Mon, 24 Jun 2019 15:16:20 GMT
Server: nginx
ETag: "5d10e944-10d0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4304
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-927d55a22c1b87d1283c175b63733fa9-web1.jpg
doska.zahav.ru/img/second-hand/2021-01/22/06/ Frame E4C0 7 KB
7 KB 66ms
61ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-01/22/06/thumb-927d55a22c1b87d1283c175b63733fa9-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: ec3f68c2b1e10acdfc6f1016a92486c277d3bd573f1b9a80c89d1d2b226f348c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Fri, 22 Jan 2021 04:37:29 GMT
Server: nginx
ETag: "600a5689-1cb8"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7352
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-b1ceab9adc710fc06135ef75cd66f3c5-web1.jpg
doska.zahav.ru/img/second-hand/2021-09/20/10/ Frame E4C0 10 KB
10 KB 71ms
66ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-09/20/10/thumb-b1ceab9adc710fc06135ef75cd66f3c5-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: d269382ba228b3bc5b80cc2db93ccb9665e9472f6f9ca7959b9267f8e2ba4cc0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=350&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Mon, 20 Sep 2021 19:11:56 GMT
Server: nginx
ETag: "6148dcfc-277f"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10111
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK d3d3LnphaGF2LnJ1 Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 59ms
14ms XHR
application/json 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnphaGF2LnJ1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=24358
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 898f2a371be8e372bfb1023a8ce660cb
Content-Length: 16
Expires: Wed, 24 Nov 2021 13:58:39 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 32ms
18ms Image
image/gif 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=1.7559883146894286
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 24 Dec 2021 07:12:41 GMT

GET
H/1.1 200
OK touchcarousel.css
doska.zahav.ru/css/touchcarousel/ Frame 3D19 4 KB
1 KB 117ms
63ms Stylesheet
text/css 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "103e-5a7176818d1c9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1107

GET
H/1.1 200
OK three-d-skin.css
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame 3D19 2 KB
845 B 134ms
77ms Stylesheet
text/css 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "9bb-5a7176818d1c9-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 558

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
doska.zahav.ru/js/ Frame 3D19 91 KB
33 KB 254ms
138ms Script
application/javascript 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/js/jquery-1.8.3.min.js
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "16dc5-5a717681a0a4a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33433

GET
H/1.1 200
OK jquery.touchcarousel-1.2.min.js Show response
doska.zahav.ru/js/ Frame 3D19 20 KB
5 KB 194ms
66ms Script
application/javascript 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://doska.zahav.ru/js/jquery.touchcarousel-1.2.min.js?v=109
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "4e8e-5a717681a0a4a-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5279

GET
H/1.1 200
OK thumb-fdeb88636f1b5a762ded8e5c9d6b8e89-web2.jpg
doska.zahav.ru/img/second-hand/2017-11/08/01/ Frame 3D19 10 KB
11 KB 61ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2017-11/08/01/thumb-fdeb88636f1b5a762ded8e5c9d6b8e89-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: de12938507eb047e09dcdade80cb64e7a7024e157e33882d9eb8c48c9ddc0d56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wed, 08 Nov 2017 11:07:34 GMT
Server: nginx
ETag: "5a02e576-2913"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10515
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-6229b693c3345416b3f832b9969afeeb-web1.jpg
doska.zahav.ru/img/second-hand/2021-11/14/07/ Frame 3D19 9 KB
9 KB 81ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-11/14/07/thumb-6229b693c3345416b3f832b9969afeeb-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7caa1a4cea451e2f1b8cdb1be6b779f9deb415e39a1217c0d77f7171527d44fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Sun, 14 Nov 2021 05:46:28 GMT
Server: nginx
ETag: "6190a2b4-241d"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9245
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-9f8c00110990185f13af03679ae73a50-web2.jpg
doska.zahav.ru/img/second-hand/2019-01/13/09/ Frame 3D19 12 KB
12 KB 60ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2019-01/13/09/thumb-9f8c00110990185f13af03679ae73a50-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 20b9c4931e008ecf26805fe1f9ea7a0a7527085728bc8d80e829e387cdb81bc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wed, 13 Mar 2019 11:36:55 GMT
Server: nginx
ETag: "5c88eb57-2eb1"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11953
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-51e53cbff5ccf0efd59dc9e2d12b4fff-web1.jpg
doska.zahav.ru/img/second-hand/2021-11/11/07/ Frame 3D19 11 KB
12 KB 60ms
59ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-11/11/07/thumb-51e53cbff5ccf0efd59dc9e2d12b4fff-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: ca2285b1d2e8ebdecd84c81461a6a021d65782d63fe643ecdd37298dc22cfe16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Thu, 11 Nov 2021 05:09:59 GMT
Server: nginx
ETag: "618ca5a7-2d35"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11573
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-e24c76e9f0b5abef7db9012fb30f539b-web1.jpg
doska.zahav.ru/img/second-hand/2020-06/22/11/ Frame 3D19 7 KB
7 KB 62ms
61ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2020-06/22/11/thumb-e24c76e9f0b5abef7db9012fb30f539b-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: f6a71c76c6d34f5201c3b26374e98fd8bfdefbaad9bb18a20cb938e118478139

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Mon, 22 Jun 2020 20:48:39 GMT
Server: nginx
ETag: "5ef11927-1c89"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7305
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-vabf1foyzy726596dnx5r933jjkik5v5-web1.jpg
doska.zahav.ru/img/second-hand/2020-09/26/01/ Frame 3D19 8 KB
8 KB 106ms
66ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2020-09/26/01/thumb-vabf1foyzy726596dnx5r933jjkik5v5-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 810c2f4d788fbb9c2d4ce33f11faaf1a3f893f613129d60e804701519bc5895d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Sat, 26 Sep 2020 14:20:09 GMT
Server: nginx
ETag: "5f6f4e19-2068"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8296
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-b75be8e0fae5835a300287b58690e4b2-web2.jpg
doska.zahav.ru/img/second-hand/2021-03/18/06/ Frame 3D19 6 KB
7 KB 118ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-03/18/06/thumb-b75be8e0fae5835a300287b58690e4b2-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9482979abe85aef8dab69780f1a56c645c85e8a31f4f513f4094ce28a82e61ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Thu, 18 Mar 2021 16:41:28 GMT
Server: nginx
ETag: "605382b8-196e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6510
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-5l7ewn0ymqohd6y7epcywpn3rrjgj81s-web2.jpg
doska.zahav.ru/img/second-hand/2021-11/10/07/ Frame 3D19 6 KB
6 KB 60ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2021-11/10/07/thumb-5l7ewn0ymqohd6y7epcywpn3rrjgj81s-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6263a077aa16cd1c1af20413e3da9d7922d3c4fb435525d159567a88b1af0aed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Thu, 11 Nov 2021 07:06:23 GMT
Server: nginx
ETag: "618cc0ef-17d0"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6096
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-a9d7aaecebaed345915ffe5998cb9d83-web2.jpg
doska.zahav.ru/img/second-hand/2018-03/01/01/ Frame 3D19 8 KB
9 KB 61ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2018-03/01/01/thumb-a9d7aaecebaed345915ffe5998cb9d83-web2.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 99a0a089b22c99373fab251c457588c805f98c3aa5ab6bd465ab5a244c0e0e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Thu, 01 Mar 2018 11:08:15 GMT
Server: nginx
ETag: "5a97df1f-2129"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8489
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK thumb-427c51656293f66fc4d20292f0181728-web1.jpg
doska.zahav.ru/img/second-hand/2017-04/05/11/ Frame 3D19 9 KB
9 KB 60ms
60ms Image
image/jpeg 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/img/second-hand/2017-04/05/11/thumb-427c51656293f66fc4d20292f0181728-web1.jpg
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 2be08cee1fabecbc458c034e76a5201aff210e388eeb6c93809d55ac2a1a5ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/informer/?lang=rus&categories=1.3-1.9-1.4-1.18&geo_select=44&tid=350&cols=1&show_info=1&paging=1&text_orient=side&navigation=1&navigation_autohide=&autoplay=1&autoplay_delay=3&width=480&photo_bord_color=E7AD01&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wed, 05 Apr 2017 08:00:40 GMT
Server: nginx
ETag: "58e4a428-222e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8750
Expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK iframe.css
date.zahav.ru/css/ Frame E251 939 B
820 B 68ms
67ms Stylesheet
text/css 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://date.zahav.ru/css/iframe.css?v=484
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jul 2020 07:11:49 GMT
Server: nginx
ETag: "3ab-5a9d4b4718cac-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 436
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame E251 1009 B
1 KB 62ms
62ms Image
image/png 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Tue, 06 Feb 2018 06:51:18 GMT
Server: nginx
ETag: "5a795066-3f1"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1009
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_ms9916miyz.jpg
date.zahav.ru/photos/34/2834/3327834/ Frame E251 3 KB
3 KB 205ms
107ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/34/2834/3327834/ts_ms9916miyz.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 12956c4adfe42605f96bcd299eef2058f7522317330edfa0b94e14c0095bce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Fri, 29 Nov 2019 07:37:44 GMT
Server: nginx
ETag: "5de0cac8-af3"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2803
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_dgofcecte8.jpg
date.zahav.ru/photos/173/1773/9096773/ Frame E251 2 KB
2 KB 160ms
62ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/173/1773/9096773/ts_dgofcecte8.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 9b79e63f551b30b12777d502b278df45b63d3f753dc4cbdc21c660821dd338dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Tue, 23 Nov 2021 20:19:48 GMT
Server: nginx
ETag: "619d4ce4-885"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2181
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_1gpjv3jnfi.jpg
date.zahav.ru/photos/5/1005/8661005/ Frame E251 3 KB
3 KB 181ms
66ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/5/1005/8661005/ts_1gpjv3jnfi.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 01118b69e2f0430c25c7fff80c5860199d8330c80a3996e912ef7595dcc99875

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Fri, 19 Nov 2021 19:34:54 GMT
Server: nginx
ETag: "6197fc5e-a95"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2709
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_eidr00iixj.jpg
date.zahav.ru/photos/146/3146/1153146/ Frame E251 2 KB
3 KB 186ms
62ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/146/3146/1153146/ts_eidr00iixj.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: d02c02e4a59298d6915800037770611a1d639012e50cea38bb71c04c7f4da463

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Wed, 23 Sep 2020 11:44:53 GMT
Server: nginx
ETag: "5f6b3535-9d2"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2514
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK jsapi.v5.5.1.ru_RU.js Show response
static.smi2.net/static/jsapi/ Frame 7099 250 KB
75 KB 68ms
33ms Script
application/x-javascript 138.201.55.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.smi2.net/static/jsapi/jsapi.v5.5.1.ru_RU.js
Requested by: Host: smi2.ru
URL: https://smi2.ru/data/js/98593.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.55.248 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn4-2.sfa65.imcmdb.net
Software: nginx /
Resource Hash: 5a0db6487c26e2c9948ed0b4439efc4ab46c30c2021b0b917fc3ffcef9f24a97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Nov 2021 10:47:09 GMT
Server: nginx
ETag: W/"61923aad-3e83f"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK sm.js Show response
stat.media/ Frame 7099 77 KB
28 KB 251ms
125ms Script
application/x-javascript 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/sm.js
Requested by: Host: smi2.ru
URL: https://smi2.ru/data/js/98593.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: 382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Aug 2021 20:46:02 GMT
Server: nginx
ETag: W/"610afc8a-133b9"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK smi2.svg
static.smi2.net/static/logo/ Frame 7099 3 KB
3 KB 46ms
12ms Image
image/svg+xml 138.201.55.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.smi2.net/static/logo/smi2.svg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.55.248 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn4-2.sfa65.imcmdb.net
Software: nginx /
Resource Hash: 752b584142bd8ce13218ba3a53bf07a89b9cff2f0cf001d6b396b35df335c5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Wed, 14 Nov 2018 15:52:47 GMT
Server: nginx
ETag: "5bec44cf-a66"
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2662

GET
H/1.1 200
OK /
target.smi2.ru/init/ Frame 7099 95 B
463 B 161ms
49ms Image
image/png 146.185.195.90
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://target.smi2.ru/init/?blockid=98593&siteid=51345&bw=300&bh=520&ref=https%3A%2F%2Fwww.zahav.ru%2F&rnd=7869795524293
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.195.90 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: target2-1.ssel24.imcmdb.net
Software: nginx / HHVM/3.9.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

X-Target-Version: 2
Date: Wed, 24 Nov 2021 07:12:41 GMT
X-Target-Final: 20211124101241-0
Server: nginx
X-Target-Host: target2-1.ssel24
X-Powered-By: HHVM/3.9.1
X-Time-Request: 0.00051
Content-Type: image/png
Cache-Control: no-cache, private
Connection: keep-alive
Content-Length: 95
Expires: Wed, 24 Nov 2021 07:12:40 GMT

GET
H/1.1 200
OK iframe.css
date.zahav.ru/css/ Frame DC0D 939 B
820 B 148ms
88ms Stylesheet
text/css 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to

Full URL: https://date.zahav.ru/css/iframe.css?v=484
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Nov 2018 07:04:58 GMT
Server: nginx
ETag: "3ab-579e580c7f74a-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 436
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame DC0D 1009 B
1 KB 138ms
73ms Image
image/png 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Tue, 06 Feb 2018 06:51:18 GMT
Server: nginx
ETag: "5a795066-3f1"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1009
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_c9g7zz1xbo.jpg
date.zahav.ru/photos/97/297/5935297/ Frame DC0D 3 KB
3 KB 184ms
63ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/97/297/5935297/ts_c9g7zz1xbo.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 68610359625c61aa2e38093918b75a165c1a78a4ed3c3642921f5c8ba94c0f2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Thu, 16 Sep 2021 21:18:48 GMT
Server: nginx
ETag: "6143b4b8-b73"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2931
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_ms9916miyz.jpg
date.zahav.ru/photos/34/2834/3327834/ Frame DC0D 3 KB
3 KB 193ms
65ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/34/2834/3327834/ts_ms9916miyz.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 12956c4adfe42605f96bcd299eef2058f7522317330edfa0b94e14c0095bce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Fri, 29 Nov 2019 07:37:44 GMT
Server: nginx
ETag: "5de0cac8-af3"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2803
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_dgofcecte8.jpg
date.zahav.ru/photos/173/1773/9096773/ Frame DC0D 2 KB
2 KB 224ms
66ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/173/1773/9096773/ts_dgofcecte8.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 9b79e63f551b30b12777d502b278df45b63d3f753dc4cbdc21c660821dd338dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Tue, 23 Nov 2021 20:19:48 GMT
Server: nginx
ETag: "619d4ce4-885"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2181
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK ts_8bl969ylc6.jpg
date.zahav.ru/photos/103/4303/7674303/ Frame DC0D 3 KB
3 KB 246ms
67ms Image
image/jpeg 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/photos/103/4303/7674303/ts_8bl969ylc6.jpg
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 58380cc3712989d9f113c2f93cd144b232e95fa4927a3324142d4a1ab94c8f45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Fri, 20 Aug 2021 18:51:46 GMT
Server: nginx
ETag: "611ff9c2-b43"
Content-Type: image/jpeg
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 2883
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
DATA 200
OK truncated
/ Frame F54F 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e190a4d5edc1e768529b868e650ceea914c8329d7083c5af4c6b27045b10a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Roboto-Regular.woff2
freecurrencyrates.com/font/roboto.googlefonts/ Frame F54F 60 KB
60 KB 55ms
18ms Font
application/octet-stream 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://freecurrencyrates.com/font/roboto.googlefonts/Roboto-Regular.woff2
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: f05b6f9877fc4a3f9b4587aba72a9c63c60ce1e26398993498187816366de818

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Sun, 03 Jul 2016 17:43:11 GMT
Server: nginx/1.14.2
ETag: "57794eaf-f0a4"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 61604
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK Roboto-Medium.woff2
freecurrencyrates.com/font/roboto.googlefonts/ Frame F54F 61 KB
61 KB 57ms
19ms Font
application/octet-stream 2a01:7e00::f03c:91ff:fea6:3b6d
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://freecurrencyrates.com/font/roboto.googlefonts/Roboto-Medium.woff2
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/currency
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:7e00::f03c:91ff:fea6:3b6d London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e9817ff441c7044f2d126a3e12b02f624bd2fff669e3f6092d9c92324313df13

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:41 GMT
Last-Modified: Sun, 03 Jul 2016 17:43:11 GMT
Server: nginx/1.14.2
ETag: "57794eaf-f314"
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 62228
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame E251 1009 B
1 KB 214ms
60ms Image
image/png 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=350&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Tue, 06 Feb 2018 06:51:18 GMT
Server: nginx
ETag: "5a795066-3f1"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1009
Expires: Sat, 19 Nov 2022 07:12:22 GMT

GET
H/1.1 200
OK widget.js Show response
d221oziut8gs4d.cloudfront.net/ 0
589 B 170ms
141ms Script
text/javascript 143.204.101.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d221oziut8gs4d.cloudfront.net/widget.js?id=19762624&secure&9098544

Requested by

Host: d2xerlamkztbb1.cloudfront.net
URL: https://d2xerlamkztbb1.cloudfront.net/19762624-ad0a/5/widget.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.191 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-191.fra50.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:41 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA50-C1
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: text/javascript; charset=UTF-8
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
Connection: keep-alive
Content-Length: 20
X-Amz-Cf-Id: 8SqV6f5OZHK4I2YaglQJQLxlvZ_LeUnZ-ArtAeYEyFZZ89-fCgd0Sw==

GET
H/1.1 200
OK online-rus2.png
date.zahav.ru/site-images/icons/default/ Frame DC0D 1009 B
1 KB 135ms
61ms Image
image/png 91.226.245.88
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://date.zahav.ru/site-images/icons/default/online-rus2.png
Requested by: Host: date.zahav.ru
URL: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.226.245.88 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS: dabltech.co.il
Software: nginx /
Resource Hash: 79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://date.zahav.ru/iframe.php?tid=441&lang=rus&geo_select=44&age_from=25&age_to=45&icons=gray&tid=441&hot=1&new_window=1&cols=4&rows=1&size=2&show_info=1&static_online=1&width=480&width_px=1&photo_bord_width=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:22 GMT
Last-Modified: Tue, 06 Feb 2018 06:51:18 GMT
Server: nginx
ETag: "5a795066-3f1"
Content-Type: image/png
Cache-Control: max-age=31104000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=20
Content-Length: 1009
Expires: Sat, 19 Nov 2022 07:12:22 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1415676577&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zahav.ru%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1246570138&gjid=2090185668&cid=1436109067.1637737962&tid=UA-4780630-1&_gid=1359563752.1637737962&_r=1&gtm=2wgba158RVJLV&z=438486817

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 36ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Nov 2021 07:12:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 127 B
124 B 32ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zahav.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

52edaf861a380eedc1366e339df6f672fb9b553c517421dbd423ce4f120dad56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
expires: Wed, 24 Nov 2021 07:12:41 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 370ms
88ms XHR
application/json 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1637737961906&sessionId=be15786a-4b42-9fcc-9bac-1f1d44187e94&url=www.zahav.ru&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:42 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: abaf322dee8098f0a8b684a9b2637e26
Content-Length: 4
Expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4780630-1&cid=1436109067.1637737962&jid=1246570138&gjid=2090185668&_gid=1359563752.1637737962&_u=YEBAAEAAAAAAAC~&z=471865942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Nov 2021 07:12:41 GMT
content-type: text/plain
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 spc_fi.php Show response
cdn.firstimpression.io/delivery/ 55 KB
11 KB 170ms
160ms XHR
application/json 143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.firstimpression.io/delivery/spc_fi.php?id=6962&url=%2F&charset=UTF-8&ch=7&ref=www.zahav.ru&viewerId=null&referer=&_firid=60277479
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 7dc6e59e6d2c07ac5e1238d9461fdd53c5c7bf979f1d5cf2b989e3e2ef01922b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-amz-cf-pop: FRA50-C1
x-powered-by: PHP/7.3.23
x-cache: Miss from cloudfront
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
access-control-allow-origin: https://www.zahav.ru
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-amz-cf-id: ikbyTbTgmy-Xfq6k8HOBe3IAnWMfT7zXE5bZ8R_mSirO6VgV1GBvMA==
expires: 0

POST
H/1.1 200 jsapi Show response
smi2.ru/newdata/ Frame 7099 3 KB
2 KB 205ms
80ms XHR
application/json 185.162.95.74
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://smi2.ru/newdata/jsapi?action=news
Requested by: Host: static.smi2.net
URL: https://static.smi2.net/static/jsapi/jsapi.v5.5.1.ru_RU.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.162.95.74 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: ads5-2.smir10.imcmdb.net
Software: nginx /
Resource Hash: 1433fd002b923c5c88b9acb6e47b15121632afbcfff8e3a5c46f473b7277802b

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:42 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 24-Nov-2021 07:12:42 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.zahav.ru
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
X-Node: ads5-2smir10

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 44ms
20ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1436109067.1637737962&jid=1246570138&_u=YEBAAEAAAAAAAC~&z=1248658773

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-4780630-1&cid=1436109067.1637737962&jid=1246570138&_u=YEBAAEAAAAAAAC~&z=1248658773

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 69ms
21ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.zahav.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.zahav.ru
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1636
date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/160447/3622/ 262 KB
81 KB 73ms
12ms Script
text/javascript 104.108.144.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/160447/3622/pwt.js
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-214.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
last-modified: Wed, 14 Jul 2021 08:22:46 GMT
server: Apache/2.2.15 (CentOS)
etag: "1481c32-41771-5c7110f340cdf"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=58919
accept-ranges: bytes
content-type: text/javascript
content-length: 82748
expires: Wed, 24 Nov 2021 23:34:41 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 79ms
27ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211124

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99c02df117ddd61aa9ec99a89d6145c18ca62e49bee6c48de0d4bbbdb4977442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9345
x-jsd-version: 1.0.1170
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19121-FRA, cache-mxp6947-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69d-EvGHxNDSLCG+PN2K5Rd1I0ubRNM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b30d4970a8e3743-MXP

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.zahav.ru%2F&domain=www.zahav.ru&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=aGJC5XxqWkd2NXF2RTlicGYvck1KUmo2QTc2TmgxRHRINXhQNWRZQStoZzhSL083bmFpSzFqNHpCN0xselBodDl3dFNuRlJLTjYzNi9JaFhMakN5RjVXVldOeHZRblpITkR5N29rRjBsZGpQWTZsTURzZ3FmUVFFL1BWNU...

352 B
606 B

50ms
19ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=aGJC5XxqWkd2NXF2RTlicGYvck1KUmo2QTc2TmgxRHRINXhQNWRZQStoZzhSL083bmFpSzFqNHpCN0xselBodDl3dFNuRlJLTjYzNi9JaFhMakN5RjVXVldOeHZRblpITkR5N29rRjBsZGpQWTZsTURzZ3FmUVFFL1BWNUxKbjR2ejRvN1VTOEhDa3YxQlAvVjYrK0kyeUJwcDVmSzZGNURocXBFTSs2OUVwYVpWSzJJYVpuUWpiT1JhUDhaOGVtcUVKd2FTSzkya0ZmbldTNEdpNnJpaVRrRWx2TStSU05iRXdYc21mTUJmY3dXVjZjPXw&cppv=2

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

087b73b9c1e7068576395dbf0b49f18df329d27ab326857d230ca68df905d00e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 24 Nov 2021 07:12:41 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2945
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 24 Nov 2021 07:12:41 GMT
location: https://mug.criteo.com/sid?cpp=aGJC5XxqWkd2NXF2RTlicGYvck1KUmo2QTc2TmgxRHRINXhQNWRZQStoZzhSL083bmFpSzFqNHpCN0xselBodDl3dFNuRlJLTjYzNi9JaFhMakN5RjVXVldOeHZRblpITkR5N29rRjBsZGpQWTZsTURzZ3FmUVFFL1BWNUxKbjR2ejRvN1VTOEhDa3YxQlAvVjYrK0kyeUJwcDVmSzZGNURocXBFTSs2OUVwYVpWSzJJYVpuUWpiT1JhUDhaOGVtcUVKd2FTSzkya0ZmbldTNEdpNnJpaVRrRWx2TStSU05iRXdYc21mTUJmY3dXVjZjPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1658
content-length: 482
expires: 0

GET
H2 200 arj Show response
u.openx.net/w/1.0/ 73 B
379 B 45ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.zahav.ru%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c1969924-92d4-4fd4-ae6c-c6f825f995b2%2Ca9995f37-3704-4b5c-8566-b554bb5fc00f%2Cc9d41567-562d-495f-b546-9f841b110ebc%2C3793b7dc-4d37-4b03-a85d-7de05720d983%2C511fd919-7163-482e-a461-f573d8eef46b%2Cfbcdfb9f-dc08-449f-a262-ac87ad21083e%2C5d644815-f65c-45be-847b-bf19182d3261%2C2493d9bd-69b5-4eb2-9f77-37f0726f2a9b%2C1eca2c69-55b8-418c-93b4-e5b52bb232be&nocache=1637737962040&ph=699eab9c-3b10-4094-afdb-80584fcca830&schain=1.0%2C1!valuad.io%2C15113%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%2C970x350%7C120x600%2C160x600%2C300x600%2C300x1050%7C120x600%2C160x600%2C300x600%2C300x1050%7C120x600%2C160x600%7C468x60%7C300x250%2C468x60%7C320x50%7C300x250%7C320x50&divids=adSlot-0%2CadSlot-1%2CadSlot-2%2CadSlot-3%2CadSlot-4%2CadSlot-5%2CadSlot-6%2CadSlot-7%2CadSlot-9&aucs=%2C%2C%2C%2C%2C%2C%2C%2C&auid=544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786%2C544104786
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: 4b90b41c0faf05e78ea4665a7ac824db4836446c676d9e035ae181d830518913

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
server: OXGW/16.220.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zahav.ru
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 1 KB
1 KB 56ms
22ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d6c529fbb8a14ddb7387eb0e2f4da69c654beb3067b10fa89bf576242d7b1f37

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2ed4b852-d21e-4026-ae46-bbfc6369767b
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.zahav.ru
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 12 KB
12 KB 121ms
91ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=715827&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2221cb5e6c23fbf2f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.zahav.ru%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A9%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A9%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22valuad.io%22%2C%22sid%22%3A%2215113%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222267d64204dcb92%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22231a91cb6c33662%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22245f2ed244d2cb1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2225c89b4f1a48e9f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22264e1103b349aa%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22274dd0f196b5fcd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222889b6f314ee018%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222989bee49bb1081%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2230df5665bebce42%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2231e075496d3bc61%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232da9055cb66cd6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2233053bb67fbd6f3%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22341446f397daffe%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2235cede8fbf4785d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2236e33c687348f24%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22377b6906ad17ef5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22388369b6367929b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222267d64204dcb92%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22970x350%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A350%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2225c89b4f1a48e9f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222889b6f314ee018%22%2C%22ext%22%3A%7B%22siteID%22%3A%22715827%22%2C%22sid%22%3A%22300x1050%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d8c30dd4a324db3318cea60fe7621b915fea65f2ef3a9359d2f1d17d109d71ec

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[193.27.14.40], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.zahav.ru
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 11832
x-ak-client-geo: 12
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 41ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 65ms
64ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=432946270986874&correlator=929371471401172&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211124&iu_parts=43010785%2Czahav%2Cmain%2Cstrip_KATAVA_desktop&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=480x175&prev_scp=slot_name%3Dstrip_KATAVA_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1637737962&dt=1637737962064&dlt=1637737961286&idt=677&frm=20&biw=1600&bih=1200&oid=2&adxs=490&adys=1893&adks=3897208860&ucis=1&ifi=1&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zahav.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=480x0&msz=480x0&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=true&fws=132&ohw=480&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e2e9e33017d1e723b736537f9a4fe46a34e02ba1d58950c2c92c6a7a844351ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8782
x-xss-protection: 0
google-lineitem-id: 5838360430
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138371837870
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4B67 6 KB
4 KB 67ms
15ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 24 Nov 2021 07:12:42 GMT
expires: Thu, 24 Nov 2022 07:12:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A536 0
0 31ms
31ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0NHQNpoBMPApm5Iw4u578mDzGQQHguAJ2qxrUseX9rZeBfLh5IuoO4mkT1BQcOpkZH1Rqdxb9omUsQq_nLUKmvewuLwbLQtUehu4w9fyeJb4g-faPDc6XGqikRkg7URUO2D8JPFtRMcdPk6JnJ7WgDqdXQRZGbpO7qJTzA7SNYrBPEJYJiefGWjCO9_mfxCCxMSh70RVa9XIcktIgmyFcV8kDeRotciQQQ7xyZsXBtCco2y3cDKU8QO4lWQpht-t4uMqJZ8XZDf3uel_KvssqDmqNqlLo9xAfLGs_Y88rfKoP4aRgNu2_6UC36T6QIkU3NXdITgub&sai=AMfl-YTLYPlXReI-LafYD2w-tulGBLoa6OsmRiPzZGSfkmQGCr_2msuSV6hekfu855X6bsOoAtaTHRn62veEqKGBC2sV98nDy_fAIRYAksuvahz8hnIccsj9WE1Jc9F83lqX&sig=Cg0ArKJSzP0yTrZ7LlnqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 index.html Show response
jackkuba.ru/zahav44/ Frame C62A 3 KB
1 KB 276ms
89ms Document
text/html 84.94.227.80
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://jackkuba.ru/zahav44/index.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.94.227.80 Tel Aviv, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: dana.spd.co.il
Software: nginx /
Resource Hash: b2b7bafd31232c42f36d79f7976ea398d31e14f4dd80dc43614739cada6a1e93

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

server: nginx
date: Wed, 24 Nov 2021 07:12:42 GMT
content-type: text/html; charset=UTF-8
last-modified: Wed, 17 Nov 2021 13:56:24 GMT
vary: Accept-Encoding
cache-control: max-age=0, public
expires: Wed, 24 Nov 2021 07:12:42 GMT
etag: W/"61950a08-c41"
content-encoding: gzip

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A536 119 KB
37 KB 51ms
29ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 53ms
16ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1533
date: Wed, 24 Nov 2021 07:12:41 GMT
content-encoding: gzip
vary: Accept-Encoding

POST
H/1.1 200 jsapi Show response
smi2.ru/newdata/ Frame 7099 3 KB
2 KB 235ms
91ms XHR
application/json 185.162.95.74
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to

Full URL: https://smi2.ru/newdata/jsapi?action=news
Requested by: Host: static.smi2.net
URL: https://static.smi2.net/static/jsapi/jsapi.v5.5.1.ru_RU.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.162.95.74 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: ads5-2.smir10.imcmdb.net
Software: nginx /
Resource Hash: 1a17deda710dce84322e108cf77e8ba7d4e4c98a05d8e81cef523b7f7c1f5ce4

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:42 GMT
Content-Encoding: gzip
Last-Modified: Wednesday, 24-Nov-2021 07:12:42 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.zahav.ru
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Credentials: true
X-Node: ads5-2smir10

OPTIONS
H3 200 analytics
hb-dot-valuad.appspot.com/ Frame 0
0 115ms
100ms Preflight
text/html 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Origin: https://www.zahav.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.zahav.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: content-type,x-request-id,x-vad-version
x-request-id: undefined
x-cloud-trace-context: d43eb31c3f8be3db798a2d756ccec8b9
date: Wed, 24 Nov 2021 07:12:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 analytics Show response
hb-dot-valuad.appspot.com/ 16 B
35 B 119ms
118ms Fetch
application/json 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://www.zahav.ru/
x-request-id: d9b72665-6dcf-4842-a575-2f88c2637dc0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-vad-version: 0.3.7
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zahav.ru
x-cloud-trace-context: 4f8a1c718c1a1b84ff192ecbf31a87a8
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 409 KB
68 KB 420ms
419ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=432946270986874&correlator=3011769405961503&output=ldjh&impl=fifs&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211124&iu_parts=43010785%2Czahav%2Cmain%2Ctop_desktop%2Cskyscraper_desktop%2Cskyscraper_desktop_menu_down%2Cbaner_strip_desktop%2Cvideo_box%2Cbanner_main_strip%2Cmiddle_rectangle_desktop%2Cbanner_weather_strip&enc_prev_ius=0%2F1%2F2%2F3%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F4%2C0%2F1%2F2%2F5%2C0%2F1%2F2%2F6%2C0%2F1%2F2%2F7%2C0%2F1%2F2%2F8%2C0%2F1%2F2%2F9%2C0%2F1%2F2%2F10&prev_iu_szs=480x1%7C770x430%7C728x90%7C480x270%7C720x300%7C970x90%7C970x250%7C970x350%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%7C300x600%7C300x1050%2C120x600%7C160x600%2C480x50%7C468x60%2C320x50%7C300x250%7C355x215%2C320x50%7C460x60%2C300x250%2C320x50%7C460x60&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0%2C0&prev_scp=slot_name%3Dtop_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.08%26vad_adid%3D44fd2ce4cb39da4%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.24%26vad_adid%3D40d29ed5cd3aee9%7Cslot_name%3Dskyscraper_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.48%26vad_adid%3D39e41c864efa1e3%7Cslot_name%3Dskyscraper_desktop_menu_down%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.08%26vad_adid%3D430a1026d707c5a%7Cslot_name%3Dbaner_strip_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.08%26vad_adid%3D468f0ecc939d9d5%7Cslot_name%3Dvideo_box%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.12%26vad_adid%3D4292a063661a639%7Cslot_name%3Dbanner_main_strip%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D478ae4ae7c0d7a4%7Cslot_name%3Dmiddle_rectangle_desktop%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.12%26vad_adid%3D41f333978b63bef%7Cslot_name%3Dbanner_weather_strip%26exclusive%3Dnot%26page_type%3Dhp%26vertical_id%3D156%26mobile%3D0%26isTaboolaOnPage%3D%255Bobject%2520Object%255D%26age%3D0%26gender%3D0%26login%3Dno%26agegroup%3D0%26adb%3D0%26strip_step%3D1%26vad_status%3Dtrue%26vad_pb%3D0.04%26vad_adid%3D50ac398e7e3dd31&eri=1&cookie=ID%3Dce710ba4f546328f-22a4df59f6cb0084%3AT%3D1637737962%3AS%3DALNI_Mb3yIhR0Rdvd8unC6wYMa6xx0TvlA&bc=31&abxe=1&lmt=1637737962&dt=1637737962253&dlt=1637737961286&idt=677&frm=20&biw=1600&bih=1200&oid=2&adxs=315%2C-12245933%2C-12245933%2C315%2C490%2C490%2C490%2C985%2C490&adys=15%2C-12245933%2C-12245933%2C783%2C485%2C750%2C1286%2C2032%2C2375&adks=111351917%2C3986781458%2C3986781459%2C1647081970%2C4292339437%2C811035953%2C3937227140%2C1284453619%2C212955244&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zahav.ru%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x0%7C0x-1%7C0x-1%7C160x0%7C480x0%7C480x0%7C480x0%7C300x0%7C480x0&msz=770x0%7C0x-1%7C0x-1%7C120x0%7C480x0%7C300x0%7C320x0%7C300x0%7C320x0&psts=AGkb-H8WUfQrwrElm6dVQMfsV1MowBoxzSn39xL0q9v8WuGlQR54qYJ3QVBHyQWXoSqJn_Q7WhdwHab0jMAKUfaIPZZwlXQ&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=true&fws=132%2C644%2C644%2C132%2C132%2C132%2C132%2C132%2C132&ohw=970%2C0%2C0%2C160%2C480%2C480%2C480%2C300%2C480&btvi=0%7C-1%7C-1%7C0%7C0%7C0%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

5cdb7a37129d9b91b632b3726c28a0cc19bc38877bb7ff12a3b3b30f3e1422b2

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKL87Ku5sPQCFUkj4AodawgJaQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13314429548186760122/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKL87Ku5sPQCFUkj4AodawgJaQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/13314429548186760122/index.html
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
google-creative-id: 138371557602,138371752231,138351220043,-1,138372303511,138372851527,138372401769,-1,138351264168
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69525
x-xss-protection: 0
google-lineitem-id: 5835415431,5835257515,5705626524,-1,5838360427,5841188386,5841188386,-1,5706811102
pragma: no-cache
server: cafe
google-mediationtag-id: -2
date: Wed, 24 Nov 2021 07:12:42 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zahav.ru
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 66ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b229178c427913473e75247e0e544c7f85e59bb0883e3489fe932d708ab17acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51340
x-xss-protection: 0
server: cafe
etag: 15770794849637627277
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 1 KB
1 KB 133ms
106ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=0&rand=49150&key=NANOWDGT01&widgetJSId=AR_57&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=0&py=15&vpd=0&cw=1600&activeTab=true&settings=true&recs=true&version=2000523&sig=nusnWvhS&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00d0d4f70f0d7a963159087f0478c31eeab26d7a98d4c0b49b68f734b8e63713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1637737962.312086,VS0,VE99
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.50
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: aa0893f3e5a7fa64a6400929267ba4eb
content-encoding: gzip
content-length: 700
x-served-by: cache-lga21950-LGA, cache-hhn4030-HHN

GET
H/1.1 200
OK grab.png
doska.zahav.ru/css/touchcarousel/ Frame 3D19 99 B
333 B 77ms
64ms Image
image/png 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/css/touchcarousel/grab.png
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/css/touchcarousel/touchcarousel.css?v=113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "63-5a7176818d1c9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99

GET
H/1.1 200
OK sprite.png
doska.zahav.ru/css/touchcarousel/three-d-skin/ Frame 3D19 3 KB
3 KB 78ms
61ms Image
image/png 193.150.127.23
DABLTECH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://doska.zahav.ru/css/touchcarousel/three-d-skin/sprite.png
Requested by: Host: doska.zahav.ru
URL: https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.150.127.23 , Israel, ASN56839 (DABLTECH, IL),
Reverse DNS
Software: nginx /
Resource Hash: 6c02b4d4daf27fa92211062a42b8d7dd83e3990d80aee07fdfe7b4f6ea093688

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://doska.zahav.ru/css/touchcarousel/three-d-skin/three-d-skin.css?v=113
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Tue, 02 Jun 2020 10:30:56 GMT
Server: nginx
ETag: "a04-5a7176818d1c9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2564

GET
H/1.1 200
OK settings Show response
stat.media/counter/ Frame 7099 672 B
1 KB 60ms
60ms Script
application/javascript 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/settings?payload=CJGRAxIkM2UyNTAzMDYtZGQ1ZS00NDVmLTg4ZDQtZTU4MGZkZmUxNzc4GIKxqIbVLyIkNDliYmU4ZTctZjFhMi00OTAxLTliZDQtYzdhMWMwZWRiZTNh&cb=_callbacks____0kwd6wbbg
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: 3d5ab241bad9c344032c33dd8290aacd5f4ba2a8cd50dde2603bb1637c4eb452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A536 0
0 32ms
32ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv84oMdkvV6cYAfNjcvBkleiIUinFHEHuTayRr5FXsK--Y-OxsKGleyHtOI4gU8aFtaQHNCKhn3QwNRPxK69Qkue36VoH5-OrZz6iSnL2pDSGU8aKMfmzr8329LOFEZweMjTuiytca7xTezqRk1rQB5Vx0d7lfxLJ51FXn17Rof7GXO_d12gB4V5Yp_MCv0XaSqhqpSmVxStk52Ae695_FcXshHwJUpG35YRwpggFA14_zbU_n1S2MEb35wCWmNvLpOlTL64qN7vAOAh8cAkBK-oKHRaN864GuzoCtKvd5srlaQUWntkWDh9JlQ3eWx5sZTk98MNrUG-IY&sai=AMfl-YTXPY5uTEyJ8V7obgc6h7kW5J85EdIVT2ZJjTgQ_m4PgIVRmla8OrkqCuL_nr_Aln11Dg1jDV5xm7RtHLVoVK1WN0pHOMO3klVqvu-Q7sCLuYciB7sNZaBUPpXKzDb7&sig=Cg0ArKJSzDvirn6yBIpfEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
DATA 200
OK truncated
/ Frame A536 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c0f4d59a0df83674183511b8781272fd09eee7506beb84429afe69fa93323d27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 /
smi2.ru/cookiematching/ Frame 7099 43 B
869 B 188ms
63ms Image
image/gif 185.162.95.74
MIRAN-AS Miran DC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.ru/cookiematching/?payload=CkEKB19zbV91aWQSJDNlMjUwMzA2LWRkNWUtNDQ1Zi04OGQ0LWU1ODBmZGZlMTc3OBoILnNtaTIucnUiAS8ogOeEDwoqCgdfc21fdWR0Eg0xNjM3NzM3OTYxNjAyGgguc21pMi5ydSIBLyiA54QPCj8KB19zbV9zaWQSJDQ5YmJlOGU3LWYxYTItNDkwMS05YmQ0LWM3YTFjMGVkYmUzYRoILnNtaTIucnUiAS8oiA4%3D&rnd=1637737962387
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.162.95.74 , Russian Federation, ASN41722 (MIRAN-AS Miran DC, RU),
Reverse DNS: ads5-2.smir10.imcmdb.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache, no-cache
Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Wednesday, 24-Nov-2021 07:12:42 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0
Connection: close
Content-Length: 43
Expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H/1.1 200
OK /
smi2.net/cookiematching/ Frame 7099 43 B
229 B 192ms
48ms Image
image/gif 82.202.225.240
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smi2.net/cookiematching/?payload=CkIKB19zbV91aWQSJDNlMjUwMzA2LWRkNWUtNDQ1Zi04OGQ0LWU1ODBmZGZlMTc3OBoJLnNtaTIubmV0IgEvKIDnhA8KKwoHX3NtX3VkdBINMTYzNzczNzk2MTYwMhoJLnNtaTIubmV0IgEvKIDnhA8KQAoHX3NtX3NpZBIkNDliYmU4ZTctZjFhMi00OTAxLTliZDQtYzdhMWMwZWRiZTNhGgkuc21pMi5uZXQiAS8oiA4%3D&rnd=1637737962387
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.202.225.240 Moscow, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: smi2adm2-1.ssel27.imcmdb.net
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 204
No Content view Show response
stat.media/counter/ Frame 7099 0
135 B 162ms
53ms XHR
text/plain 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
Connection: keep-alive

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/ 272 KB
98 KB 47ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.zahav.ru&bust=31063796

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

445928e8b0ba51447168caa1654299bd7f4f799dcbc95bd78078db6a003009f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100191
x-xss-protection: 0
server: cafe
etag: 14339678833158188022
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/ Frame DEB3 11 KB
5 KB 28ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211111/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 23 Nov 2021 09:43:00 GMT
expires: Tue, 07 Dec 2021 09:43:00 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 77382
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=new_abg_tag&value=false&frequency=0.01&eid=31063796

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 353ms
90ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=85ac6aff04d775fd39d44624c73aa482_73087_1637737962363&tm=590&eT=6&wRV=2000523&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
X-TraceId: ae9f4611726a470ff2e84717b701c99d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 24 KB
8 KB 285ms
284ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=1&rand=92716&key=NANOWDGT01&widgetJSId=HPP&va=true&et=true&format=html&pdobuid=-1&t=ODVhYzZhZmYwNGQ3NzVmZDM5ZDQ0NjI0YzczYWE0ODI=&adblck=false&abwl=false&px=985&py=3379&vpd=2179&cw=300&activeTab=true&settings=true&recs=true&version=2000523&sig=nusnWvhS&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cdb55c9a09a8dc39b8f6984643170cf7e0838a6e718b2bf7dbdabc09505c8d6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.63
x-cache-hits: 0, 0
x-traceid: 0a0495f2babafff659934c5f6c4b1bfa
content-encoding: gzip
content-length: 8080
x-served-by: cache-lga21963-LGA, cache-hhn4030-HHN
x-timer: S1637737962.430477,VS0,VE278
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg::amalserr&status=tcto&guarding=true&timeout=50&rate=0.01&eid=31063796

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 lg.php
tracking1.firstimpression.io/delivery/ 1 B
295 B 102ms
34ms Ping
text/html 54.77.121.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.firstimpression.io/delivery/lg.php?bannerid=97068&campaignid=32&zoneid=114913&dt=1&_fiid=A7&cb=65573080
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.121.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-121-55.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=abg_host&host=www.zahav.ru&eid=31063796

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 12 B
278 B 17ms
14ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zahav.ru&callback=_gfp_s_&client=ca-pub-3622156405313063&cookie=ID%3Dce710ba4f546328f-22a4df59f6cb0084%3AT%3D1637737962%3AS%3DALNI_Mb3yIhR0Rdvd8unC6wYMa6xx0TvlA

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.zahav.ru&bust=31063796

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

postmessage.html Show response
ecdn.firstimpression.io/ Frame 2520
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=250&slotname=5496f3e.861ac88&adk=3028301708&adf=2877828173&pi=t.ma~as.5496f3e.861ac88&w=300&lmt=163...
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=8

359 B
628 B

11ms
6ms

Document
text/html

143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=8
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.zahav.ru&bust=31063796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 1d093d3c10615c18f00f0af703e3c86cf2d7f6631b4d7086883c686bb4edf7a9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=UTF-8
content-length: 359
date: Tue, 23 Nov 2021 16:55:31 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0Z5ZrjlaJdrK3-y1eBh34yR9gcS5h5q3By7r8FnXPYq05sdYkz42zw==
age: 51431

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=8
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Nov 2021 07:12:42 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK 8264301.jpeg
static3.smi2.net/img/100x61/ Frame 7099 3 KB
3 KB 103ms
24ms Image
image/jpeg 138.201.55.245
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static3.smi2.net/img/100x61/8264301.jpeg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.55.245 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn4-1.sfa66.imcmdb.net
Software: nginx /
Resource Hash: db25946eb9d952c737a9e2c1e5d5f68ad0912dc060aa0ec353dd13d3c24dd542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
ETag: W/"5fae795d-35739"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3165
Expires: Wed, 25 Oct 2023 13:54:59 GMT

GET
H/1.1 200
OK 9378788.jpeg
static4.smi2.net/img/100x61/ Frame 7099 4 KB
4 KB 152ms
46ms Image
image/jpeg 88.212.234.125
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static4.smi2.net/img/100x61/9378788.jpeg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.234.125 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS: cdn4-2.sser4.imcmdb.net
Software: nginx /
Resource Hash: 4ee32f2ffa2ef42ab17dd9ba5fce2627c91060a005d3c42e3957e43e179f9014

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
ETag: W/"613bbbc8-a267"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3722
Expires: Thu, 23 Nov 2023 10:24:53 GMT

GET
H/1.1 200
OK 9614700.jpeg
static5.smi2.net/img/100x61/ Frame 7099 4 KB
4 KB 89ms
11ms Image
image/jpeg 88.99.129.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static5.smi2.net/img/100x61/9614700.jpeg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn4-4.sfa66.imcmdb.net
Software: nginx /
Resource Hash: 9e7579367a2a4c346b6236847e14055c544ec5ac6d3481a8d1539a7d181d7b4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
ETag: W/"6198aba5-3973f"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4303
Expires: Mon, 20 Nov 2023 08:25:10 GMT

GET
H/1.1 200
OK 9613265.jpeg
static8.smi2.net/img/100x61/ Frame 7099 3 KB
4 KB 156ms
46ms Image
image/jpeg 88.212.252.73
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.smi2.net/img/100x61/9613265.jpeg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.252.73 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS: cdn4-1.sser5.imcmdb.net
Software: nginx /
Resource Hash: c6d0c93d7514f73786c24f52796a28968663cf9fc464bbc5548232e401fc8e28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
ETag: W/"6197e010-af34"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3489
Expires: Mon, 20 Nov 2023 05:34:12 GMT

GET
H/1.1 200
OK 9590444.jpeg
static8.smi2.net/img/100x61/ Frame 7099 5 KB
5 KB 183ms
74ms Image
image/jpeg 88.212.252.73
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static8.smi2.net/img/100x61/9590444.jpeg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.252.73 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS: cdn4-1.sser5.imcmdb.net
Software: nginx /
Resource Hash: 78fe68edd6f28d382f52ab19c62cae9f096b2b2e1e2fa7952c531186d95291be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
ETag: W/"618f6c3f-c64b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5030
Expires: Mon, 13 Nov 2023 07:45:19 GMT

GET
H/1.1 200
OK 9529849.jpeg
static2.smi2.net/img/100x61/ Frame 7099 4 KB
4 KB 71ms
38ms Image
image/jpeg 88.99.129.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static2.smi2.net/img/100x61/9529849.jpeg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/mirtesen
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.129.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn4-4.sfa66.imcmdb.net
Software: nginx /
Resource Hash: 6b9b214d267f4298c976a20dc278fb878fdc3350ac39e8a1cf1049841e3701c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
ETag: W/"61770eb0-f97c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3819
Expires: Thu, 09 Nov 2023 16:24:56 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D1AE 0
16 B 30ms
29ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&adk=1812271804&adf=3025194257&lmt=1637737962&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.zahav.ru%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1637737962413&bpp=1&bdt=1127&idt=95&shv=r20211111&mjsv=m202111160101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dce710ba4f546328f-22a4df59f6cb0084%3AT%3D1637737962%3AS%3DALNI_Mb3yIhR0Rdvd8unC6wYMa6xx0TvlA&prev_fmts=300x250&nras=1&correlator=3512372123541&frm=20&pv=1&ga_vid=1436109067.1637737962&ga_sid=1637737962&ga_hid=1415676577&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063796&oid=2&pvsid=432946270986874&pem=447&tmod=1101712990&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=12&uci=a!c&fsb=1&dtd=102

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 07:12:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 image35.jpg
jackkuba.ru/zahav44/ Frame C62A 8 KB
8 KB 88ms
88ms Image
image/jpeg 84.94.227.80
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jackkuba.ru/zahav44/image35.jpg
Requested by: Host: jackkuba.ru
URL: https://jackkuba.ru/zahav44/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 84.94.227.80 Tel Aviv, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: dana.spd.co.il
Software: nginx /
Resource Hash: 1e0b414b5c9fbc0512db4904a30eb08a1597688c565ed6f2463d33284ad280d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jackkuba.ru/zahav44/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
last-modified: Wed, 17 Nov 2021 13:40:18 GMT
server: nginx
etag: "61950642-1eba"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7866
expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46BD 0
0 30ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGi6aCwIIxweLk9TBpTW4NfvY7vX50ahQhIv0oZDpyVBbGlkrDIgYE0CapYXFVcv5ge3ZJd9NRobHUfOnBCVIkMOL9XYcDFg_cDgeXPG9H81iX8PvCdubWK5rg-UHe4tDt-u7PNlWhxYQcmiWCKlqhCFTUbFDfqkyQ4xyK61Q1CEXvmw1rybER8nUYNPVk8n-mVun7bzYa3yESTiCx2GE038Vcytl7BDKIiqdEKtUnCFM_tBEfPAB_iNVMG-Mrs5p9-c05QbNrTH8gEvQT6HzZcztgdd0E1wTDNYzUN7vgrfGGCC6PiCfaiwkPOa1xsTB1IA&sig=Cg0ArKJSzDxsHEqsmqtfEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 46BD 2 KB
2 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 07:07:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 46BD 119 KB
36 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 16444746017735140836
tpc.googlesyndication.com/simgad/ Frame 46BD 98 KB
99 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16444746017735140836

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36159dd267199f98113b0d7df6cf062260a694f4d5c5e861db7595655a0eda40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:28:08 GMT
x-content-type-options: nosniff
age: 589474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100488
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 10:18:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:28:08 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 946B 0
0 30ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrpTxj2yAbCitAFEt4aWYcu4SoO9sR1PQ0kQKCsgLFBH9_H8rd1s0I3yyEs2fl3PiH0NAtfjzTZ_x2RPQ207TyAmBzfNx2Ahn_nBpBjl67FN_acUc5W8sXWXLgQOsNKO_vWTTSBZj0GF7A8awa6jBGodNHps7YL6i2mO2UU_5lAXkCbvjm8wqN07iLlthBMAHSrjKtUPTGY_LJpnZGlaSbUv9kqlwcbuXGepwEeEwmXnfbOQol4in5meIQlpm6gxRGOsSrwB3bu5t_6ea7smZUgeuQeb-pem7NZzILPUIqTe44XI_vtRH8JFCKCrex802zOeVQ1xbUvag&sig=Cg0ArKJSzG5lH2pE_3WqEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 946B 2 KB
1 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 07:07:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 946B 119 KB
36 KB 39ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 11627669212830062651
tpc.googlesyndication.com/simgad/ Frame 946B 41 KB
41 KB 48ms
31ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11627669212830062651

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3868fa612bfd28d9dd314ca34477ba99b1858206c926b71f81561c10bc0628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 23:37:28 GMT
x-content-type-options: nosniff
age: 113714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42072
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 10:16:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 23:37:28 GMT

POST
H/1.1 204
No Content view Show response
stat.media/counter/ Frame 7099 0
135 B 60ms
60ms XHR
text/plain 82.148.14.195
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.media/counter/view
Requested by: Host: stat.media
URL: https://stat.media/sm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 82.148.14.195 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: sm-server1-1.ssel25.imcmdb.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: nginx
Connection: keep-alive

OPTIONS
H3 200 winner
hb-dot-valuad.appspot.com/analytics/ Frame 0
0 99ms
98ms Preflight
text/html 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics/winner?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Origin: https://www.zahav.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.zahav.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: content-type,x-request-id,x-vad-version
x-request-id: undefined
x-cloud-trace-context: 98b6381c2c23c8ff6b5a5b3194b18b2a
date: Wed, 24 Nov 2021 07:12:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B904 0
0 32ms
32ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfiCu7gzU5JA1l8OJPjiMUl-XORL0MaPy3kJUPHJQgWtyxKk7wJVYMnDrgHPgCGdDNXFkUcVmmlP_0hiA878neWP7oebeBYYWQ3PMdFeLUAixRBSEXsOl7igIsgaLsdFxLUTH8Wq2YwdXD9OGlaxMOAGN9CdynkWBmE71ThCdL6v7LZQ86voOCzAexD1UzBOlJD5JNwZSyP1Ez7daOiX50x7oE496UlAilsuCCbJYRrC6u4K8lj493V32yMuCPHRDuTPA_eRTvVOjv6VcjD78PbiS9xvyLPBJc_ofXlbK-88F5xF53-1zBvtrRGyi5lumQauQLga9DWg&sig=Cg0ArKJSzIVqJd96dsBeEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 winner Show response
hb-dot-valuad.appspot.com/analytics/ 16 B
35 B 103ms
103ms Fetch
application/json 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics/winner?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://www.zahav.ru/
x-request-id: 55eaedcd-5498-4441-abb1-43dfff6c9817
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-vad-version: 0.3.7
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zahav.ru
x-cloud-trace-context: 9f28fb2246b6439d3a0860915a681339
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B904 927 B
1 KB 90ms
25ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=48267046;rtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;rtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

da678728397e067457dbf41846492da5c0a4182a62ea14d4399410f47ba5d881

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 786
expires: -1

GET
H/1.1 200
OK v1
a2121.casalemedia.com/impression/ Frame B904 43 B
303 B 41ms
13ms Image
image/gif 185.170.60.152
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a2121.casalemedia.com/impression/v1?bidID=cc66ecad-03f7-4c25-a15d-2648b4d1d999&traceID=c6eubqn3d2tdnfennkk0&dspID=111&userID=&cmpro=0&ap=0.4634
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.152 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B904 119 KB
36 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 17F0 189 KB
55 KB 52ms
4ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 27728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:30:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 17F0 13 KB
5 KB 77ms
31ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 126026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 22 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Nov 2022 20:12:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 17F0 89 KB
28 KB 78ms
32ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 5575
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 24 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 24 Nov 2022 05:39:47 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 17F0 71 KB
16 KB 86ms
40ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 27261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16759
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:38:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6f5521ec42d8a94a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:38:21 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 17F0 5 KB
2 KB 84ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:06:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 17F0 40 KB
13 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29558
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:00:04 GMT

GET
DATA 200
OK truncated
/ Frame 17F0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc8d764e3a3726365336394866c72123fcfb7ea43fa95ff0106b459b8cd4dfa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 img-bg-0.jpg
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 26 KB
26 KB 68ms
31ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-bg-0.jpg

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08777ed0d4e037aa8cd715ecc2b87d413b8eca103fc13f9a26f6eb1993e09344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 15:51:46 GMT
x-content-type-options: nosniff
age: 573656
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26283
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 15:51:46 GMT

GET
H3 200 img-bg-1.jpg
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 6 KB
6 KB 63ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-bg-1.jpg

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a748f4a8cbbeff59fe143223a5fc0e594c7fceacab61ea5fd3b04a71ae0f020c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:27:18 GMT
x-content-type-options: nosniff
age: 589524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5729
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:27:18 GMT

GET
H3 200 img-phone-front.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 34 KB
34 KB 52ms
16ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-phone-front.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

568ea20350f3746f1b1ec935c859be791d3ae9e28ad16614a6a24d5ed59e9d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 05:47:04 GMT
x-content-type-options: nosniff
age: 5138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34646
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 05:47:04 GMT

GET
H3 200 tf-0.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 3 KB
3 KB 64ms
29ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/tf-0.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10247e1c362b917b73ae4cba155bbd77b50b9d5175d7f5341c0a27a9ca6bfd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 20:20:56 GMT
x-content-type-options: nosniff
age: 39106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3285
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 20:20:56 GMT

GET
H3 200 tf-1.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 3 KB
3 KB 65ms
30ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/tf-1.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

817ad1c88ae1ef0741c72562ab042c8d7d5d01dfd84e2f58c297e92f2526e193

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 11:13:22 GMT
x-content-type-options: nosniff
age: 590360
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2696
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:13:22 GMT

GET
H3 200 tf-2.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 3 KB
3 KB 51ms
17ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/tf-2.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa77d8784f46048567782048999c07fe3246a1e5eba25c97a965f3aabc278876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:01:23 GMT
x-content-type-options: nosniff
age: 4279
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3486
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 06:01:23 GMT

GET
H3 200 img-handy-1-2.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 15 KB
15 KB 46ms
12ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-handy-1-2.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e184582d7c40f178108fded3ba64f4c106c5351e7a2b71e9916bdec7049faee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 11:53:47 GMT
x-content-type-options: nosniff
age: 69535
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 11:53:47 GMT

GET
H3 200 img-handy-1-1.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 14 KB
14 KB 43ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-handy-1-1.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b4922682c486757fba6e61a4b59a948213adb9d1472c2a02c65c1cfe4988027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 16:12:41 GMT
x-content-type-options: nosniff
age: 572401
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14704
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 16:12:41 GMT

GET
H3 200 img-handy-1-0.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 26 KB
26 KB 59ms
25ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-handy-1-0.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4625101b810e25dbb37c8449c39ce19490ba12a0b2327d6388f4a3aa91f2a01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:44:03 GMT
x-content-type-options: nosniff
age: 433719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26495
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:44:03 GMT

GET
H3 200 tf-3.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 4 KB
4 KB 50ms
16ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/tf-3.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a803e3a1c1ab2d68c8eb2f1923be5112796e3e96317ba1e2e39d6daf1bea5f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 07:15:01 GMT
x-content-type-options: nosniff
age: 431861
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3659
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 07:15:01 GMT

GET
H3 200 img-stoerer.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 2 KB
2 KB 66ms
31ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-stoerer.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ff54649bbe95ec97784ba6c62172f53c2939985936f8e0ed84b8f6940f5cf1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:44:03 GMT
x-content-type-options: nosniff
age: 433719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2358
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:44:03 GMT

GET
H3 200 img-cta.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 1 KB
1 KB 65ms
31ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-cta.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6d53f4a021dfb5e412025170d987e10393ad72bcb079bc258bce73691edc1a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:09:49 GMT
x-content-type-options: nosniff
age: 558173
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 20:09:49 GMT

GET
H3 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 99 B
127 B 65ms
31ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/gfx_white.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 17 Nov 2021 20:24:06 GMT
x-content-type-options: nosniff
age: 557316
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 20:24:06 GMT

GET
H3 200 img-logo.png
tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/ Frame 17F0 4 KB
4 KB 63ms
30ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/7166600558018409633/assets/img-logo.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cc5654e7e6825c3971349c841d2fa05fe2fb7329b1a3c9dfd1b154145ddad1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 06:44:03 GMT
x-content-type-options: nosniff
age: 433719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4097
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:42:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:44:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FEE 0
0 33ms
32ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5MKy_PRZx-966PUiU9tfUShesncK9Ow-R--9RpcwxbRy475hU45l6RfLbMW0lUneQGYB00SxOEhQJ5JIiKEOkyvQcqzMhr2dVC4_gZ-x81qOfX6CQX3LSWISm7_z5dr2WoDav5jSMatea3TXM6T00maKU09gI9W9VZTj-ImxVEBTB-aJT32aQr3yX0isGYEzBUAOzeg8eUZvgHH-EIbXk9zDKY0oRSdcccTv0uveW-Keo_vm4BMTrLHusP9wmVABn3xQEvJTf6mnxG0bMAfV_ggXw8H4rVn8bCimKYurFen2woqmEoSpleEvIM9LCsDn6Q_VG-pU&sig=Cg0ArKJSzFL3mhE5XvWFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 9FEE 2 KB
1 KB 36ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 06:58:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9FEE 119 KB
36 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9FEE 0
0 51ms
27ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuBGvqBdsZ8ZsQR3zLO71K75yi51RhHxNW6Sdo-x3Kx_EEkHZuEmx2NnW7JCrMTyxZdKeg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 15292118396261348497
tpc.googlesyndication.com/simgad/ Frame 9FEE 26 KB
26 KB 61ms
34ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15292118396261348497

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3388ea77fdc0e35afffe25c91d0449e5519ad7ebe894f9f7fc5000504b915cba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 18 Nov 2021 09:32:30 GMT
x-content-type-options: nosniff
age: 510012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26622
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 09:21:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 18 Nov 2022 09:32:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 575E 0
0 31ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0QY0B7zNr8PMs9PCqdU5zOZQD-BqaJZZG9sWEIT1CWO7ihPWUO9Xzejr4BpJs1HUBNROYadZ1h4mh6krMgL0kWfuKwaixiDtQyAuNh9FXe5wzRJR62PUxbdYRSUIY-1dot-pUwgMOU3UZlNTDHD301rg5f8B_SRcG_NQZKsRe0NqnXlC0t6UaDrrl6Cr1uKB65NyOuxFoeCpSN2KLT6tZoV6Mk1ncVrd988md2T6SGYxos7yBXkLKp_kyxriggwoqrwV6mkWGtqz3HDQQ7Ame-_xBvRasliehWRNDqzHEctcbttvFpGgVQxyZoQ&sig=Cg0ArKJSzJctatbRK4KREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 575E 2 KB
1 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 06:58:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 575E 119 KB
36 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H3 200 557666559039725840
tpc.googlesyndication.com/simgad/ Frame 575E 93 KB
94 KB 56ms
32ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/557666559039725840

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c35415f557bb6ab4551cb5c992c77c49478af6b6e186a1749a876090ba3c30c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 22:00:04 GMT
x-content-type-options: nosniff
age: 119558
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95718
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 18:00:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 22:00:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F915 0
0 36ms
36ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9IdjK0pcXSgJjZUJIJXMnyzAPM9WbF5190rDedeB3hetkUKP5aTetAyNcrDCrJwhMzDDTGuuAHrj3w-VudPTtMerOLTW3iMc4T79nfqtxx_kT5XbvAeXCWB0RQIUBZudLAqUaAC5raHLOfCQ7HbuXf1LILv4QiGt90MITSsKUDKHq2lG5eSG-c25BrWuDH46t2ig0AWcB-2NEYjnFtb5zbyDVIxKefpdJ1pvrFiw6tbBFJGueeZChMCQwMue2BphScYKlUCR_d1T3QxwuOXyN8fFhUvGI1isK6b_2bTwb70d1L9QTKVmrzyzeliXv_drvKwqd&sig=Cg0ArKJSzJuF12-2uAvuEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame F915 2 KB
1 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 06:58:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F915 119 KB
36 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F915 0
0 43ms
27ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQE6aWOsqhKLnVgj9z3vA01zBJAuqtluMakJK8mUTIzIINLsSonB_qxu_fu4MnpmytZNW1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 1433024969441135406
tpc.googlesyndication.com/simgad/ Frame F915 9 KB
9 KB 54ms
36ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1433024969441135406

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39a853f0b625bd5658bd0be53b9dfd1c26ded1125ea902df3154cae33b2679dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 22:00:04 GMT
x-content-type-options: nosniff
age: 119558
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9490
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 15:05:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Nov 2022 22:00:04 GMT

GET
H3 200 container.html Show response
2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D19 6 KB
3 KB 37ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 24 Nov 2021 07:12:42 GMT
expires: Thu, 24 Nov 2022 07:12:42 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H3 200 winner
hb-dot-valuad.appspot.com/analytics/ Frame 0
0 105ms
100ms Preflight
text/html 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics/winner?d=pubsub
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-request-id,x-vad-version
Origin: https://www.zahav.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://www.zahav.ru
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
access-control-allow-headers: content-type,x-request-id,x-vad-version
x-request-id: undefined
x-cloud-trace-context: 64fdc927b1cdd5dfc198d3be8efe5ef5
date: Wed, 24 Nov 2021 07:12:42 GMT
content-type: text/html
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D774 0
0 38ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyrbhWVAWNyZ8J8HsKx--hTNcpW4sw5OExRYJJ_IKCsYgVRelvHFtNXMrXAdR04-TrVoAUBctjmaJGNyO5EHvxbVcBxb62nT5rySERi_YLPE0TGdUnZAVy_pp2QSYiXbK5hx0tnwMA3nJyu17xuxHaieya7ejdVVPqrzT9jvaUlNtmMUzJG_q-N-wfx4rzWSj0OmcvtR43-zjXw3MjT--2bgXU3nllqAJtppelBGAuLwlxret_CsZ2wneqgEtWCnfKSWkg9Sb4WegwYRkj6JH-qXzKXTAEANQ-SNonSe1gVxBIOswcQMvhFRAyn86UyAEaJvoWGqA-r1s&sig=Cg0ArKJSzA7WpJod8Y5REAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 winner Show response
hb-dot-valuad.appspot.com/analytics/ 16 B
35 B 103ms
103ms Fetch
application/json 2a00:1450:4001:80e::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://hb-dot-valuad.appspot.com/analytics/winner?d=pubsub
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept: application/json
Referer: https://www.zahav.ru/
x-request-id: 89b84786-0c35-4ac1-a88f-76af5272e518
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
x-vad-version: 0.3.7
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
server: Google Frontend
etag: W/"10-oV4hJxRVSENxc/wX8+mA4/Pe4tA"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zahav.ru
x-cloud-trace-context: 1ed7d65bac953c13a9cb7d4bffe5a5f8
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16
x-request-id: undefined

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame D774 927 B
1 KB 43ms
25ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516442;rtbwp=YZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw;rtbdata=qOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0

Requested by

Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

4dcf81a91db78880c943af4a4ff799bf65b04e462ce7b24a89d25a72ebbabf47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 790
expires: -1

GET
H/1.1 200
OK v1
a2121.casalemedia.com/impression/ Frame D774 43 B
302 B 22ms
17ms Image
image/gif 185.170.60.152
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a2121.casalemedia.com/impression/v1?bidID=c931bdeb-6404-4bfd-a3be-6db02154a3eb&traceID=c6eubqn3d2tdnfennkk0&dspID=111&userID=&cmpro=0&ap=0.0309
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.60.152 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:42 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=99
Content-Length: 43
Expires: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D774 119 KB
36 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 17F0 3 KB
3 KB 39ms
32ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 05:59:37 GMT
x-content-type-options: nosniff
server: cafe
age: 4385
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Thu, 25 Nov 2021 05:59:37 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 17F0 344 B
368 B 34ms
31ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 1588
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 25 Nov 2021 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 17F0 0
0 22ms
18ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQVnIiMkwcM32Y1siwCbuvkhzq7w82m_W9-xHKuA1PT-n0r2JKd5oQ7R40xnGTTzjRzGVo
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 17F0 0
0 43ms
40ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVvI26uWdYaHfFcnGgAfrkKTIBpTn6sBmqNCM6osPhbja58EpEAEg0ZPDKmCVgouCmAegAePRhdsCyAEJqQJJ9CHsiNmyPuACAKgDAcgDCKoE9wFP0Puf_chE0On4H6UR-8dc6Rf_F9_j9mcD5DvPcnZV20KPvRibd7nhjzltm7xERpRIN4dBuZZy7czMLHo9UM_JNW5uxLh9qZX7z4n5VWjrobEn3hflRbPEn3PGO9RBekBpWYrdFOXGfj5cmOrEz2F-iHNOLM-JjX2M8WZzS87bjtwhVNWCyoLieQc6TPx6w3lSSS9Dde1SLa6UZabPkEnSWBXa5rr3qwxmhKEEgapTD-P1FPW3J_LiNp1WeRe6Pbv8beU6ktD0dJSoEXgdPDMkB_0RLBDSy_KABCX8azq6D5wngGm4fxla_fOPJbF1e7J1Rc6b2O1YwATu6L2b7wPgBAGgBi6AB4Wu-qQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQw8wE0ggJCIDhgHAQARgdgAoDyAsB2BMD0BUBgBcBshceChwIABIUcHViLTQ0OTE2NTk0OTYzNzIxNzIY8eYT&sigh=kuskcTjXrVY&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 21ms
20ms Image
image/svg+xml 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
last-modified: Wed, 27 Oct 2021 07:56:12 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1635321870.095195"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Fri, 24 Dec 2021 07:12:42 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 91ms
90ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=92675bdad15f14ae9b63f6694fdcb73b_73087_1637737962656&tm=969&eT=0&widgetWidth=300&widgetHeight=196&widgetX=985&widgetY=3872&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=374&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
X-TraceId: a2aff6c93debbf28d61067ca9915760f
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000523/module/ 55 KB
19 KB 25ms
24ms Script
application/x-javascript 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000523/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 790469469c3c815fb0dae21a7c1894b33a7dd8670e7ddb0772d22757f8d21ed3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
content-encoding: gzip
last-modified: Wed, 24 Nov 2021 01:02:44 GMT
server: AkamaiNetStorage
etag: "774e7033e1342a4f7a5183b2e6a8b7b9:1637735450.082033"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18905

GET
H2 200 get Show response
odb.outbrain.com/utils/ 30 KB
10 KB 245ms
245ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=2&rand=26668&key=NANOWDGT01&widgetJSId=HPC_2&va=true&et=true&format=html&pdobuid=-1&t=ODVhYzZhZmYwNGQ3NzVmZDM5ZDQ0NjI0YzczYWE0ODI=&adblck=false&abwl=false&px=490&py=2139&vpd=939&cw=480&activeTab=true&settings=true&recs=true&version=2000523&sig=nusnWvhS&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 82f2949ba83bc2ae729046af34a2b9344f313e665ddc32041da2346cd0d56403

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 167.82.174.27
x-cache-hits: 0, 0
x-traceid: 2ee6a2c459635db3e6680ac41e1b096b
content-encoding: gzip
content-length: 10079
x-served-by: cache-lga13627-LGA, cache-hhn4030-HHN
x-timer: S1637737963.814992,VS0,VE234
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 46BD 0
0 31ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujj4AlDNovO12PLON_Yz6MgbdbfgPDcKj0k_Zu1yLtgcz_8qwapVOCkN8KlsMLCq5R8CR-z7lS6eL79P0aFkVV-4uvEiI57jsdtrs4Di2hnK29uzJvOwywSkTnlmCrMrenpxNx7wZHp0uGXjkQtYKPBIRAqRCRBGAAQa1BgNhOfV_jpdIX9RbG9cHO8_aJkqO70O4CuL0YoQsbSnX3U37rN3ugJzQkINsS_uhAXZa2a7UjUkglgniVcyu_jWMxb6QI3sBEIGsaP9Kk5e--wLNRCCDs3T0lZPVkKleMa3sAD2TLO-dOkItJE7Uj2DLcGhCM1VE2&sig=Cg0ArKJSzD2AjNa4ex7EEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
DATA 200
OK truncated
/ Frame 46BD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad167bd04c5cf49f4c4751e022e7c96e0ce36c9a2c3deb0a74034d532e0f8b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 946B 0
0 30ms
30ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaAPJpCvqgjjx96qeuJ9jx4Ffq7Cul61_x9elmrGSCAEWMLmQamP-TUPl2kxsC4XqUyX2Ahgh9rmvM81k3VYYoJr6weTWTyAQPUd-qJIfEzVof7jiKp6HhmpmhzOZjhH8wnCJ_VIOEECL7ROc3iqIHhM8T0I6O8sYoY64l4AoB97iTr3ruByj4ytjgqD4yUS8gnzA6jSmXB1tmQwwfQ6G78IlnmLCgjFIUuICEkkNPx-yzSGX4O0VkYBuoET9Xi3httNob5pO-yDivFjjPlLvxgKyC_TCVn2DZATcLbke-qQPE--m4Q9MlQ2X3z8ZZCUf9HXckdOpt9AdYrg&sig=Cg0ArKJSzLDbIUSLPNnwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
H2 200 eyJpdSI6IjAzNjMwNDAyODAwNDc2YzgyNjlhZjUxMjMwMDRiMDlkYTQ1YTcxYjM0MTA1NTc1NzgwODc5MTEwN2JjNWI1OWUiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 2 KB
2 KB 54ms
15ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjAzNjMwNDAyODAwNDc2YzgyNjlhZjUxMjMwMDRiMDlkYTQ1YTcxYjM0MTA1NTc1NzgwODc5MTEwN2JjNWI1OWUiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2939e232f54032b1e76268e32b57ae78fd39277d1744d93bc7f7917dd9bf60ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
cache-control: max-age=2221481
last-modified: Wed, 17 Nov 2021 17:49:53 GMT
x-traceid: 32d14d90104f7c40c5c0646ec78ac333
timing-allow-origin: *
content-length: 1888
content-type: image/webp

GET
H2 200 eyJpdSI6ImZkNzVlNGJiMDYwMzI5ZTkwMmM1ZDc3YTUwNGQzNDhkNTk1MGI2YmYyZWY0ZDJkZjNlNDgyNTUzZjIzNWM1YjgiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 67ms
29ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZkNzVlNGJiMDYwMzI5ZTkwMmM1ZDc3YTUwNGQzNDhkNTk1MGI2YmYyZWY0ZDJkZjNlNDgyNTUzZjIzNWM1YjgiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 706a5523eeac69381f3635cb15a7b5ff041d55ffc5ebe0253419f7950edcd612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:42 GMT
cache-control: max-age=1380124
last-modified: Mon, 25 Oct 2021 05:28:40 GMT
x-traceid: 8a4fc218f37a1f017780db4e4e3b6a47
timing-allow-origin: *
content-length: 7082
content-type: image/webp

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F915 0
0 30ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGDN46rcmLgP35wMPrNh7DXQX-2PKpfph-PuFKUDGkVognfxAI8xKxuzoTNsO5p7q262Ul9cJBBOhWaffR1e3sn7geGkamqlEUafQHT9Kzx1sk8IyhP7rMW_RbKdSfIyFNba9TwBhc4-nsbKLtyZibWeGwRx0VUVAMoKpIC3IUECZsfOWwV0lUTBIssE232NKbAgjc_sfo2qFdBvJLSLz39VjQ_FS9LoMQDS1kf7z3ia_NML4mzUbV9gQo606_bQpbyJqNf-oH0nRf700SskkHjSUep-cX-gVOxk-J1VEz1E369Qt41HPZl6fVCCX0OTg2wavMLkA&sig=Cg0ArKJSzCIF0Q94rf8bEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
DATA 200
OK truncated
/ Frame F915 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91429781002e9d73f65d83c61cb6642a63434b916a7fa6d672763cf34858ad67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9FEE 0
0 29ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKB0q-op8jZAHxg1p00a013DGieK5uhk0Ux5CwVqGagiZQZTpTGpzQ2EGcSSfVvMoJKWIWxbGbLGHthUDdsZSTGJjR2g8XHREJ8ZZ3B8IPs8Wr9GZBWp5xdEgdfEsHgBGnSw9Z_Q2bswN1-JcoED1rbe0eYxMLkAoCZTvqzm13cQgx4J-hzJA5V-BJnDQ8gi0GcmbMl2g-g2E-_xXbZf-P_ziiMLqUN69g9UdFXFwg3nBVQ2oJPpsxhmMtFQRBKXi0o8_8eHmLDtjJMW-8upXytufnG-DYWIQ7rJ9sDhB4_SEi-PxeahUbhcAE5ehgYl1Fn5DEPT0y8g&sig=Cg0ArKJSzHq9WKRYJBMPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
DATA 200
OK truncated
/ Frame 9FEE 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa4008560304bd545cd264a4347258ed3cbcb6bedf27d7eca5437862e51a32ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 575E 0
0 29ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgcD3SVcSaKnw3Zsxc858cEXsYRMT2zT7QIsOj6NQ89GwaUQ6xQ-mlibBt0Hz-J8Ifzhzjc96yUbxnCOG4PMiakIa-5SiAxypoPmqtM-PifkXowYIkitl4JkIXM7N8xFF1wkfNRSRTz5dod-VliSi5tPUxVgENBDfbd96FedK3LCYp_L-aMtvAjluXG0RCTe3jXSJZsCV5jPho3BDuR3s3w_m64ZnoAUNT_UTME4ZNJ4A0O83zNzhRKNiEQKow6Bx7hebVeLSop6dZtvPmrZmZnSrkVQmSFtKuly7pgV5UpLsNcJQd58ylZgNo7HUt&sig=Cg0ArKJSzF9Puz9-iECJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:42 GMT

GET
DATA 200
OK truncated
/ Frame 575E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a021b71662ab222a630cce422661ffc3720da672bcbe8d0c9dfd354eb4d408f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame B904 33 KB
16 KB 93ms
37ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=48267046;rtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;rtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 25 Nov 2021 10:18:44 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame D774 33 KB
16 KB 100ms
44ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516442;rtbwp=YZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw;rtbdata=qOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 25 Nov 2021 10:18:44 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 61 KB
15 KB 1079ms
1072ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.zahav.ru%2F&settings=true&recs=true&widgetJSId=HPP&key=NANOWDGT01&version=2000523&apv=true&sig=nusnWvhS&format=html&rand=37721&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ODVhYzZhZmYwNGQ3NzVmZDM5ZDQ0NjI0YzczYWE0ODI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=3&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&dpr=1&cw=300&activeTab=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000523/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5724fda09737eb666940b58a5273c368bad8510092c4d690ecd1e720a7b33b39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:44 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.43
x-cache-hits: 0, 0
x-traceid: be400543fafbc605ca3f791efdf8a42a
content-encoding: gzip
content-length: 15524
x-served-by: cache-lga21943-LGA, cache-hhn4030-HHN
x-timer: S1637737963.007801,VS0,VE1066
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
c.lentainform.com/pv/ Frame 9897 0
308 B 95ms
86ms Script
text/plain 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.lentainform.com/pv/?pv=5&cbuster=163773796299897826675&uniqId=043bc&niet=4g&nisd=false&jsv=es6&iframe=1&ref=https%3A%2F%2Fwww.zahav.ru%2F&cxurl=https%3A%2F%2Fwww.zahav.ru&lu=https%3A%2F%2Fwww.zahav.ru%2F&sessionId=619de5eb-0e9b1&pageView=1&pvid=17d50ca1df78966933a&site=465657&implVersion=10&dpr=1
Requested by: Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b30d49ceb95d214-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 8 KB
1 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Requested by

Host: www.zahav.ru
URL: https://www.zahav.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccde6bbe19344ed2ad02ea2b39df745c25378d76b38164ec6d8061b65e74f56a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 1478
date: Wed, 17 Nov 2021 18:28:31 GMT
expires: Thu, 17 Nov 2022 18:28:31 GMT
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 564252
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7D19 0
0 32ms
32ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C0b-_6uWdYaLfFcnGgAfrkKTIBvrficxmv-Damd8Otuzs7K4JEAEg0ZPDKmCVgouCmAegAbjoisADyAEJqQJJ9CHsiNmyPuACAKgDAcgDCKoE-gFP0CAt1MzMBV3ypfhWyfG0wW_3IbRlcRFlxlDi3rB2lwKiP2QFXZGfS48gqDLf9GWxZ3vK7bhOJaDB2KmQBi6qpf3LlTW0LPwRcZI8LoKS4nrzRqs25l7g5F9O9SJk6MjkfCM_YtbxPkrwQbb2SvA6xcLkdqJL2J2lyQizAA3RTL0_ubhxpLG3NeTgghbWR9rCSVJ0ipUKz60O2nfcuK0GUYSTgxoNLQVcPFL67z6GNIPQTk9E2lbssRYXsbN9U2vIhqgo2SSHcp6jzdNiW2B90eoji0Ub39K80qvCcncgibb8LxXHcVKBjw0JArWImYZrYs8UdUJAEvYvwATcttbb5QPgBAGgBi6AB7CX9T-oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDprgXSCAkIgOGAcBABGB2ACgPICwHYEwPQFQGAFwGyFx4KHAgAEhRwdWItNDQ5MTY1OTQ5NjM3MjE3Mhjx5hM&sigh=ZvWbVeJI08Q&uach_m=[UACH]&template_id=419
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 7D19 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite_fy2019.js

Requested by

Host: 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
URL: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7840
x-xss-protection: 0
server: cafe
etag: 9525834815172239946
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 07:07:31 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7D19 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
URL: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 06:58:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 06:58:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D19 119 KB
36 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
URL: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 07:12:43 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 7D19 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
URL: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Dec 2021 07:09:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7D19 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRwtVA1PXymIY4p3DXK_G3ICHWB--ds6P-jbUFpQsH8gKst8FaUh31jw5Kmgz74W_67Ajw1
Requested by: Host: 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
URL: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 99EC 9 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Nov 2021 16:08:31 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 99EC 26 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 24 Nov 2021 16:13:39 GMT

GET
H3 200 tinyanimatefix.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 882 B
400 B 9ms
9ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/tinyanimatefix.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1183307783cf23654d3a290fdd33a2387be5d4651145b67f5527da2729bec0bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 590388
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 362
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Wed, 17 Nov 2021 11:12:55 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:12:55 GMT

GET
H3 200 tinyanimatemin.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 4 KB
1 KB 10ms
9ms Script
application/x-javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/tinyanimatemin.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

932376e026d5cf24ae61b65e0e0598e52fc850214a030a5327e7bd1eebad99b5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 27917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1138
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Tue, 23 Nov 2021 23:27:26 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 23:27:26 GMT

GET
H3 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 2 KB
749 B 11ms
10ms Stylesheet
text/css 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5347121468c3817e5261b94b958e7d4bdcc9c1e16ac6b750c7ddc044ff335212

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 4062
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 711
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Wed, 24 Nov 2021 06:05:01 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Nov 2022 06:05:01 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 99EC 1 KB
985 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Varela+Round&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 06:39:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 07:12:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 07:12:43 GMT

GET
H3 200 txt_verschwommen.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 15 KB
15 KB 7ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/txt_verschwommen.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2c5b702ab3a83e3c2f07ea6376fbe989bbce06ad18dfcbd58f0460a0de33c9e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 95889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15414
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Tue, 23 Nov 2021 04:34:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 04:34:34 GMT

GET
H3 200 brille.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 20 KB
20 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/brille.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e90744876510c3d30951a4f1a14c6b292a2e9fea3ec084eebb55717f928002a9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 433474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19992
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Fri, 19 Nov 2021 06:48:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:48:09 GMT

GET
H3 200 date.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/date.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

850692e8bb0d9821e1312a461f1db53c185e027d92a1668fcfdb4af8eae7fb34

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 565026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3037
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Wed, 17 Nov 2021 18:15:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 18:15:37 GMT

GET
H3 200 txt3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 6 KB
6 KB 10ms
9ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/txt3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d8e7da5fa8f3002ba6683298d19271ab7f53fd433f654cba9b7db6362bc18f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 95889
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5811
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Tue, 23 Nov 2021 04:34:34 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 04:34:34 GMT

GET
H3 200 button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 3 KB
3 KB 14ms
13ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/button.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d2dac16f1b22edd37d7a8b907e8930c580e30ec97860ba98973b16809f8b6b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 29054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3232
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Tue, 23 Nov 2021 23:08:29 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 23:08:29 GMT

GET
H3 200 logo_essilor_white.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 2 KB
2 KB 14ms
13ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/logo_essilor_white.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d749dbed0c3aa0d6e712f6ae447b94e084671981a141b40a6243b306e21caf27

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 27917
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1656
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Tue, 23 Nov 2021 23:27:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 23:27:26 GMT

GET
H3 200 logo_essilor_txt1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/logo_essilor_txt1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a76b6f87ed1d7d48153d25dbcd258af66c578fecb477a56265d604e18dc12e8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 29054
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1967
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Tue, 23 Nov 2021 23:08:29 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 23:08:29 GMT

GET
H3 200 logo_essilor_txt2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/logo_essilor_txt2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01e30623f1fc127891dee76829fb2eb49cfa3879d193de851b91e45c951849cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 565026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1888
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Wed, 17 Nov 2021 18:15:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 18:15:37 GMT

GET
H3 200 logo_essilor.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 4 KB
4 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/logo_essilor.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b31a8c1eaabb1e6d21a5b0cb05319814c94c5887681e08268c51aadaeddce4c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 71315
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4117
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Tue, 23 Nov 2021 11:24:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Nov 2022 11:24:08 GMT

GET
H3 200 logo_615ea3b5a0e90.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 60 KB
60 KB 15ms
14ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/logo_615ea3b5a0e90.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55da745148e1e253c659038ba651770383155a9fab5f6acaef845fc4468a6ee6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 433474
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61846
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Fri, 19 Nov 2021 06:48:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Nov 2022 06:48:09 GMT

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame B904 5 KB
3 KB 21ms
20ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=48267046;rtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;rtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;js=1;adfxid=1x;9763;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|0|0;fd=2|2&CREFURL=https%3A%2F%2Fwww.zahav.ru%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e68456fb8d6a4762b1941c585e43ea23a8e86915e52b8e6eda8f33dc64d5a111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2445
expires: -1

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame D774 5 KB
3 KB 22ms
20ms Script
text/javascript 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=38516442;rtbwp=YZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw;rtbdata=qOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0;js=1;adfxid=2x;2726;set=en-US|en-US|1600X1200|0|300|50|24|8|3|7|0|0;fd=2|2&CREFURL=https%3A%2F%2Fwww.zahav.ru%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d95fb7c3d8bb1de34f1b1c565ee48f6c981fb3eef7b51e235a843445a5bac4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2485
expires: -1

GET
H2 200 widgets_lentainform_hover.png
cdn.lentainform.com/images/lentainform/ Frame 9897 596 B
937 B 43ms
34ms Image
image/webp 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.lentainform.com/images/lentainform/widgets_lentainform_hover.png
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e209f440ca75da896569871dfe10c5dce2175e276b369d3bb6357ac10db4cede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
age: 4986
cf-polished: origFmt=png, origSize=1717
cf-ray: 6b30d49d7bf4d214-MAN
last-modified: Mon, 04 May 2020 12:16:52 GMT
content-disposition: inline; filename="widgets_lentainform_hover.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 596
x-amz-id-2: +azFDyoqF0AkRnpMGindqdCze9QonlW+LyQOe5szQId86LBeZwCcbFyRdNLBEG5qOA3CF5Uxfqw=
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "9ddad0c93cb9b674d1c4608776f477cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-amz-request-id: B1H787Y9720J31PK
cache-control: public, max-age=14400
accept-ranges: bytes
content-type: image/webp
expires: Wed, 24 Nov 2021 11:12:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AD18 143 B
163 B 7ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
URL: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 24 Nov 2021 06:58:25 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 858
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7D19 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f76830db36da1e3edc43f963d9f7e85101bc32a84fff6bab3779edb0fcd0d4a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 18ms
18ms Image
image/svg+xml 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
last-modified: Mon, 01 Nov 2021 09:41:05 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1635759801.296949"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Fri, 24 Dec 2021 07:12:43 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 91ms
91ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=0d7d7acf35dd1d744fe49ec28883d6d9_73087_1637737962997&tm=1283&eT=0&widgetWidth=480&widgetHeight=322&widgetX=490&widgetY=2128&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=118&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
X-TraceId: c89d3409ed2efa5ed304b9c7c5a9ca1e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
odb.outbrain.com/utils/ 34 KB
11 KB 340ms
340ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.zahav.ru%2F&idx=3&rand=38247&key=NANOWDGT01&widgetJSId=HPC&va=true&et=true&format=html&pdobuid=-1&t=ODVhYzZhZmYwNGQ3NzVmZDM5ZDQ0NjI0YzczYWE0ODI=&adblck=false&abwl=false&px=490&py=4566&vpd=3366&cw=480&activeTab=true&settings=true&recs=true&version=2000523&sig=nusnWvhS&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 49bf36b56d0d517f12731cd42b4d301f0b10634c2259d4335c04e8a6e8e20029

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.54
x-cache-hits: 0, 0
x-traceid: 4e85f65afa3ae6650355625f98a34f4f
content-encoding: gzip
content-length: 11316
x-served-by: cache-lga21954-LGA, cache-hhn4030-HHN
x-timer: S1637737963.125414,VS0,VE332
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImJhNjc3NGI1ZWQzNGVkYzU3ODZlNTAwODU3MjM1NjkyOWQzYjQ2MjBjMWEyOGM5YmY4YzdmNGExMTY4NzgzMDUiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 176ms
175ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJhNjc3NGI1ZWQzNGVkYzU3ODZlNTAwODU3MjM1NjkyOWQzYjQ2MjBjMWEyOGM5YmY4YzdmNGExMTY4NzgzMDUiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b3d08e25aea4cc819f13ed7ac9e89a5739c637fd55415fdc36e23fdf93c6869e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cache-control: max-age=2462400
last-modified: Tue, 02 Nov 2021 17:26:37 GMT
x-traceid: 6f35dee96e5d866db892331175fe8f4b
timing-allow-origin: *
content-length: 7422
content-type: image/webp

POST
H2 200 /
track.adform.net/csimpr/ Frame B904 35 B
468 B 20ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=48267046&csi=hDdUtcpVgacTxCFdSef2_fWIsRL6T8SQzuvsUhdV9IrrygPkIxxfk3ALL5rSJXVVTZp__Pfa6uoXODuvwTD8GGQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B904 0
0 30ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuupRxFuhuvALjuBa10tmXyiS1WB9u4RBoeyp5sw1E_pqVUpVdEQrmvHiD9XMi0ocuYTZJ1m6tsPH9RqyunHBo53j6Tj7tI6DmA5Vv1Q0ehNOaEKvYYnEogI3XrmSujKUDIcV7knOwxFityliHEWF0nMUfXq92XO8TzXcpchWHf1T896VuIrmqSH0onZkZNeCDd2q_WrMcKAO1RSGCwSZzaS4YIAm7gRtiWHoDPeA1DvJMkHJjB4h8XnDBQ0S0s8hTTB8dPEUPw4eAKf-Dr4FA8d38inmlMrtAm8TDdiareLjxjts3cjtmc5xrpvGIWhfpk7Zo3mmf_JRf5&sig=Cg0ArKJSzJ2DK3tYG5svEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:43 GMT

GET
H3 200 txt_scharf.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/ Frame 99EC 6 KB
6 KB 14ms
13ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/txt_scharf.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3347d18bb0f3835c27d24d586e338e5bcfab7ff5ca714479b178c019a797b034

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/13314429548186760122/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 589692
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5893
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 16:17:00 GMT
server: sffe
date: Wed, 17 Nov 2021 11:24:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 17 Nov 2022 11:24:31 GMT

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v13/ Frame 99EC 20 KB
21 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Varela+Round&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:17:53 GMT
x-content-type-options: nosniff
age: 132890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20416
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 22 Nov 2022 18:17:53 GMT

GET
H2 200 / Show response
trendads.reactivebetting.com/sportwetten-de/ Frame 800C 20 KB
8 KB 131ms
89ms Document
text/html 2600:9000:2156:5e00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c4eb1eda1edf90f16ace085613b0d3f9f37eeba7262dbc7211da5bf2571545b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html
date: Wed, 24 Nov 2021 07:12:44 GMT
last-modified: Fri, 12 Nov 2021 09:44:11 GMT
etag: W/"101dab454985770471e55f43ed4c1d83"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: NB1KtoLLcPR4O-BgCLS7OocauxnvaGF5tpop3DKWD84MNgKepgUDjw==

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame D774 36 KB
13 KB 74ms
34ms Script
application/javascript 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=i2G9+Q==, md5=KT4B161Aam0qyQ5N1n+FMQ==
date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58646
x-guploader-uploadid: ADPycdvct9lgBjn65AsNThnNOmywsZURvzdGcx1Yfei2yedHXlIa7dRt2-EjUUkon85Ifqq449wHNtW_AtkeW1PPqad3whXyvg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 14:54:41 GMT
server: cloudflare
etag: W/"293e01d7ad406a6d2ac90e4dd67f8531"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zc9z57wNjHFnyHROdy5Wgz2N89AfGaYxzUFYzqZkpEVDP9CDhAEC%2FcVd%2F2i8wGayPah%2Fwpi8MfoukrGVB2VF2%2BtGpANHjJ4PUaz9t5h4pJr01beKHg1PLBJ8sZmfXkdzYnXFqkc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1635864881199576
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6b30d49e0d300e1e-MXP
expires: Tue, 23 Nov 2021 14:55:17 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame D774 35 B
468 B 22ms
20ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516442&csi=xQOL3EhQ4oP2U8cU3KPhuE7xe-L4aEfKnKRWaOGiMrDrygPkIxxfk_QPjzPUSK3E3PZLQnq0pdnpUa0pCRyMdWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 1 Show response
servicer.lentainform.com/684064/ Frame 9897 6 KB
3 KB 164ms
154ms Script
application/x-javascript 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.lentainform.com/684064/1?pv=5&cbuster=1637737963164276826736&uniqId=043bc&niet=4g&nisd=false&jsv=es6&w=300&h=291&cols=1&iframe=1&ref=https%3A%2F%2Fwww.zahav.ru%2F&cxurl=https%3A%2F%2Fwww.zahav.ru&lu=https%3A%2F%2Fwww.zahav.ru%2F&sessionId=619de5eb-0e9b1&pageView=1&pvid=17d50ca1df78966933a&implVersion=10&dpr=1
Requested by: Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 100c8384ed717645d21853bed1fd9c1dc17e61d6419f8c4a10facf74762b42f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6b30d49dec31d214-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ Frame B904 34 KB
15 KB 24ms
23ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 25 Nov 2021 10:02:03 GMT

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ Frame D774 34 KB
15 KB 26ms
25ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 25 Nov 2021 10:02:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AD18
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

62ms
60ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
URL: https://2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 07:12:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Nov 2021 07:12:43 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Nov 2021 07:12:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D774 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c8c8c252bcb7dbd7b9d4fae55c94cac462f93424a2931275b56bdd6cea16f77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 27C0 2 KB
2 KB 53ms
30ms Document
text/html 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-type: text/html
x-guploader-uploadid: ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
expires: Wed, 24 Nov 2021 08:12:43 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 2531139
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOaBZ3Dhw2FEXm8z1J5W%2BPNEkLLXga%2BkStSNAYDuvHrIY2rd0uJkacrzgCTOyMevUsRFynbhnts59%2BeAc0NsTtRO1vGAcv9clGd5sAWv12GChQKTjUinMsUF7SbS8cp95T77sFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b30d49f8cc10f52-MXP
content-encoding: br

GET
H3 200 css
fonts.googleapis.com/ Frame 800C 12 KB
948 B 32ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700|Roboto+Slab:400,700|Roboto:400,700

Requested by

Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f162d9444cde39ecf6b1260eef4efa09e711b5ebfc7477fce9444e13d9cae22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 06:16:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 24 Nov 2021 07:12:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 24 Nov 2021 07:12:43 GMT

GET
H2 200 main.ca9182b0.chunk.css
trendads.reactivebetting.com/sportwetten-de/static/css/ Frame 800C 6 KB
2 KB 7ms
7ms Stylesheet
text/css 2600:9000:2156:5e00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/css/main.ca9182b0.chunk.css
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 838d62ecfee5112a90fa736246a6b34bc008eb37df0443e118472210bd278f10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 00:27:51 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 09:45:34 GMT
server: AmazonS3
age: 24293
etag: W/"ce725a2c4bb20be47a8e03d3545e0185"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: UR8wX4xCitw_kElBmcM-1v8jf9AR6kdxC2NnPbJwCFsnDx5iQ4_Jew==

GET
H2 200 22.be71779c.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 800C 142 KB
44 KB 8ms
8ms Script
text/javascript 2600:9000:2156:5e00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/22.be71779c.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dabe089fa606db7c6c7c06ce501499c0c51cebdeb292efcff4b842ec61b4233c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 03:21:55 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 09:44:58 GMT
server: AmazonS3
age: 13849
etag: W/"93dbfa78465f0a6f195c376dd32d78af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g8_uMVHw3qqOc_hsOvbj6EFQfE3rdFzVNuZDyv_GyDp150cMiXjedg==

GET
H2 200 main.7778db67.chunk.js Show response
trendads.reactivebetting.com/sportwetten-de/static/js/ Frame 800C 118 KB
32 KB 14ms
14ms Script
text/javascript 2600:9000:2156:5e00:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/main.7778db67.chunk.js
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5e00:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49fc9eb31df784c522df5cbd7734f7633df510ad7e0e0ea731bf8c4b1f112dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/sportwetten-de/?matchCount=6&autoFill=true&sport=Football&language=de&template=MatchBanner&size=300x600adServerClickPrefix=https://track.adform.net/C/?bn=48267046;crtbwp=YZ3l6gAAAAAm4x4ylUT2G82fxCn8hpJQW0qxrw;crtbdata=bN-gJ_rN8wX_MLAwHPc1A4WNVRYsWN8gAWr269TWzApAorSMo8G0YlVZiW92kesfRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93Mf6JYLl--Oft9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXqtI-H4wi6HsZG0le-nN4iF55yZIP-8ZpoHZEEBJx0F0s03pwIr7eNxWeCC2NHdsDGT0lQkXAT8x0;adfibeg=0;cdata=uwePL8LzkQptA9kXLTCI5iecMQEMn9fjH1h6H1YT8SnNtadr6jOxYDdGRu4XE8jOdc2bOWANBvNPFwKoweVoVfdzJlMbr9AHjcvu4ezI9zddW2FxkfuhdnNNO9OOZ8YTQn6AUM3UzEcpnkTpCdy6-w2;;CREFURL=https%3a%2f%2fwww.zahav.ru%2f;C=1;cpdir=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 02:45:06 GMT
content-encoding: gzip
last-modified: Fri, 12 Nov 2021 09:44:49 GMT
server: AmazonS3
age: 16058
etag: W/"165ea99e6653b9f5dac1581649296aac"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: iuPcFQxtzspI9HbENk0hK9Y2oDNabjOT13i3Xh0qz3IamxOdqklv8Q==

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvNDI0MDA3L2ZjZjRmZTViMWRjZjU2Mjg4ZjIxN2E0YmVkOGRiZjM5LmpwZWc.webp
s-img.lentainform.com/n/9716789/100x60/0x35x720x432/ Frame 9897 2 KB
2 KB 106ms
60ms Image
image/webp 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.lentainform.com/n/9716789/100x60/0x35x720x432/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvNDI0MDA3L2ZjZjRmZTViMWRjZjU2Mjg4ZjIxN2E0YmVkOGRiZjM5LmpwZWc.webp?v=1637737963-Ku2jWRcv7jxFDA6OTCNWY07UUggqglDeNaXaxPUDYIo
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8173bbb70e6904d8def54217677c3aeaf9219c69083c68a1f9e1993124e245fb

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:48:07 GMT
x-mg-request-uuid: 292c82ce-2014-4b79-ae46-c1eb5f487f55
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b30d49fd94bcd7b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1792
server: cloudflare
expires: Thu, 25 Nov 2021 07:10:40 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvNDI0MDA3LzVjNDJkZmE2MGFjMWQ2NmY1YmIxYjY0Y2E4YTRmMjVkLmpwZWc.webp
s-img.lentainform.com/n/9719157/100x60/0x0x900x540/ Frame 9897 2 KB
2 KB 107ms
62ms Image
image/webp 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.lentainform.com/n/9719157/100x60/0x0x900x540/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvNDI0MDA3LzVjNDJkZmE2MGFjMWQ2NmY1YmIxYjY0Y2E4YTRmMjVkLmpwZWc.webp?v=1637737963-Xkx-D7nONlmGcatAn6LtV8gPmTrZOFVQC_-r4m7KLcY
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d1824c0503e984bcf5ffdb096e73e3469a36c281a6acb60ed3dcd9da5b1455

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 13:06:05 GMT
x-mg-request-uuid: 6a7da957-e976-46e1-972c-5e3b231df064
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b30d49fd94ccd7b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1554
server: cloudflare
expires: Thu, 25 Nov 2021 03:37:38 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI1NDc2LzdjZjJjMDJjOWJkOTBmM2MzMjYzMDhjYTZmOTc2Y2U4LmpwZWc.webp
s-img.lentainform.com/n/9775041/100x60/0x0x5760x3456/ Frame 9897 864 B
1002 B 109ms
64ms Image
image/webp 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.lentainform.com/n/9775041/100x60/0x0x5760x3456/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI1NDc2LzdjZjJjMDJjOWJkOTBmM2MzMjYzMDhjYTZmOTc2Y2U4LmpwZWc.webp?v=1637737963-SHTOG5nEM-vmUKcS2sXkndfKhhvxBs0hO2GbL0f_aW4
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfa9fbd00dd4368ee0d40975dbc5facd898fba67a371b49ed6b4eb5330b974c3

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 09:24:23 GMT
x-mg-request-uuid: 8f941527-2ee5-4a00-b176-ee6796fcd5d3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b30d49fd950cd7b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 864
server: cloudflare
expires: Thu, 25 Nov 2021 06:36:03 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvNDI0ODAxLzEwZGUyMzg1MWZmMGRlZTk0YWIwNDdhMjc1MmRhOTIyLmpwZWc.webp
s-img.lentainform.com/n/9677848/100x60/92x0x659x395/ Frame 9897 1 KB
2 KB 113ms
68ms Image
image/webp 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.lentainform.com/n/9677848/100x60/92x0x659x395/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTAvNDI0ODAxLzEwZGUyMzg1MWZmMGRlZTk0YWIwNDdhMjc1MmRhOTIyLmpwZWc.webp?v=1637737963-edkLAG2FPaQay4yWGuT0nT7PvLq93ZC1zMHHEK8URQg
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85757a08415eee91b4dcbcfd8af467df2779c49496a1bb8dc5f8a6fb93c73327

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 13:18:15 GMT
x-mg-request-uuid: f735c162-4a0c-402e-ad6f-a88eedd85770
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b30d49fd94fcd7b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1430
server: cloudflare
expires: Wed, 24 Nov 2021 21:16:45 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzdkZmEwYTE0MzYzNDZhODVjMDNlMGRiOWM1NDBhYmJhLmpwZWc.webp
s-img.lentainform.com/n/9786264/100x60/153x0x600x360/ Frame 9897 2 KB
2 KB 196ms
151ms Image
image/webp 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.lentainform.com/n/9786264/100x60/153x0x600x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDM5LzdkZmEwYTE0MzYzNDZhODVjMDNlMGRiOWM1NDBhYmJhLmpwZWc.webp?v=1637737963-da350HMhF6e55vM0_q4aOeLZxg_NiVMdlx_yzhoon7c
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7709b9132cd6a50ee083aec4e56d3388916469afd3aeac0064d64a31936cf1f8

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
last-modified: Tue, 16 Nov 2021 23:25:45 GMT
x-mg-request-uuid: 595dd05b-07e2-401a-b757-95c1c8d474c6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b30d49fd94ecd7b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1920
server: cloudflare
expires: Thu, 25 Nov 2021 00:18:24 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDA3LzBkZTNjNzg2MWZmNjI0NGM1NGNhNzVhYjBjYzIzOTFhLmpwZWc.webp
s-img.lentainform.com/n/9751945/100x60/0x0x1001x600/ Frame 9897 1 KB
1 KB 191ms
147ms Image
image/webp 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.lentainform.com/n/9751945/100x60/0x0x1001x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjEtMTEvNDI0MDA3LzBkZTNjNzg2MWZmNjI0NGM1NGNhNzVhYjBjYzIzOTFhLmpwZWc.webp?v=1637737963-fDSfMIPCOi8rG7bD6Kr3UT_QwXCt6etN5TFKMAsRAH8
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6417c8ba0adb5426cb41e0979e4c9826838622267c95b252955cd3b0a78b4312

Request headers

Referer: https://www.zahav.ru/
Origin: https://www.zahav.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
last-modified: Mon, 15 Nov 2021 10:34:47 GMT
x-mg-request-uuid: 97e717a3-84e7-4a1d-8c17-aac9b1523c1f
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6b30d49fd94dcd7b-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1160
server: cloudflare
expires: Thu, 25 Nov 2021 06:37:33 GMT

OPTIONS
H2 200 view
trendads-swarm-api.reactivebetting.com/.crm/banner/ Frame 0
0 148ms
100ms Preflight 2606:4700:3033::ac43:db26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads-swarm-api.reactivebetting.com/.crm/banner/view
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:3033::ac43:db26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://trendads.reactivebetting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://trendads.reactivebetting.com
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true
trace-id: fa90575952520780
cache-control: no-store
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gloFKdfWAaO%2BwNrekC3qC5aok6wzIpq%2B34Xr%2Bb6NZgOyvLQQuhvOdFTRH6zfQKp0JmWOcIp4tvqOOEnUfrdPTUVs%2BCfzpB2TpI%2BS2EBxi8HJ8Ws%2B3TVj3RjPKwNTUsEnhFAGw5yPzLkxQleLKWZgbAfxMXcF9amHpifG6ib9nPf5e9TJ%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b30d4a01c6e59b9-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 de.json Show response
trendads.betfindr.com/i18n/sportwetten-de/ Frame 800C 15 KB
5 KB 61ms
7ms Fetch
application/json 2600:9000:2156:2400:6:834a:a040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads.betfindr.com/i18n/sportwetten-de/de.json
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/main.7778db67.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2400:6:834a:a040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a759c9120394fec99cf2cc8c3e591520e688ff6aca64e352859bb7fb9e728aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trendads.reactivebetting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 04:17:53 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 08:27:17 GMT
server: AmazonS3
age: 10491
etag: W/"d38341505f42d14b8702b20d427f7f46"
vary: Origin
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: N9Bv4IZIiCdJo0yr2OK6lqhNRLJuLa-VUFF1xbCNhOAZRdAHwTQTIg==
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)

POST
H3 200 view
trendads-swarm-api.reactivebetting.com/.crm/banner/ Frame 800C 0
0 94ms
69ms Fetch 2606:4700:3033::ac43:db26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trendads-swarm-api.reactivebetting.com/.crm/banner/view
Requested by: Host: trendads.reactivebetting.com
URL: https://trendads.reactivebetting.com/sportwetten-de/static/js/main.7778db67.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:db26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://trendads.reactivebetting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OH1kcaoxY9U8YGsTM7mGhGGqz2VlvJYgOWPzOjuBlShe377kAaAqDL1irxPLRJMELDac1JK5PibrPNPBKKl2u8RKuHoJiY3%2BObpEurtyf9QujYSsGDOfnfCiY9EQrW8MWGOQy0nR0zGgVOi%2BJvuplrqt%2FTfIAo6Ns8PaOSuxyuCU3VCA5w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://trendads.reactivebetting.com
cache-control: no-store
access-control-allow-credentials: true
trace-id: aeb3939fe27f50f5
cf-ray: 6b30d4a0ecdd5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 89ms
89ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ce1bae2cf96ca205696152d6971b7e02_73087_1637737963404&tm=1659&eT=0&widgetWidth=480&widgetHeight=755&widgetX=490&widgetY=4560&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=372&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: gzip
X-TraceId: 590f46df5162712aac0553f2a2cdd3fd
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D774 0
0 30ms
29ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6NV1YWkBceOdZUjM87m88QXepLgiNV1my13mognc6EBUd7HjHy51Oj2_XG53ZMyfqj8IGBjbvur8SCMxcZGql7gdUYjxml323kmapNCWKlrrPLkX8Gf9HGgSOEjYHCUzH5E0QURkBmVNNRe6xpL7ajHH7loC0PFIylTqpHmEZAqz_-2JJK49adHhVdGh51DuNPKIIKdUaf9-urTeqYJnypNMYNCP6YfhwJnmiy_e7hYD4UKy4_ba5mBIbl53wE32P8-bEy_pfOKjjiANUg_7PZhvsFZBak1bj3kpFDR_PtyeWDXaAEhKkiHcFkhQr9ewB3Evx5MQa892h1w&sig=Cg0ArKJSzAu-EH-jsjCUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 24 Nov 2021 07:12:43 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame D774 882 B
1 KB 53ms
53ms XHR
text/plain 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c483f99a9fd7d350b37e80ac52a094003ab750e90200f215eb02c3b143f5236

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b30d4a06f2a5a13-MXP
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EVceKucUUJjm9w43%2BB%2FnfX6kg7MqJB%2BK6ihaJ8zZCr97MBJP4eRL58H1Aok%2Fhgp7%2Ba44VETh1HpJfjNzkQEZZfCzb2mGJfYGiW2NM0mGbuxo%2FbYiRVG%2FMKAta6S%2FULzfaKMfzs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://www.zahav.ru
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-strs

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 64ms
45ms Preflight
text/plain 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.zahav.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://www.zahav.ru
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-strs
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UnKHzLiuqh1v9uKqR1kRFCK1JJFHkKNQf5ztBUsSsKS2y1kpfB8j9DjDXMWKTZGUtVz3PmdzyXeo%2FzQ8JXA9srKjSgV9eunEUMXdd2F7QJkPL6jY9B1Isn6Hq7a8viu02zaenHI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b30d4a02e735a13-MXP

GET
H2 200 i.js Show response
cm.lentainform.com/ Frame 9897 127 B
286 B 92ms
82ms Script
application/javascript 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.lentainform.com/i.js?&cbuster=1637737963513439698353
Requested by: Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b02be371236cb382ac86d568c1837f692c3f0c8221a17dd5637384ae0bd26b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b30d4a01d43d214-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 i-noref.js Show response
cm.lentainform.com/ Frame 994D 19 B
143 B 84ms
84ms Script
application/javascript 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.lentainform.com/i-noref.js?cbuster=1637737963529734267301
Requested by: Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6b30d4a02d45d214-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 counter.php
autocounter.lentainform.com/autocreative/ Frame CDFA 0
51 B 276ms
266ms Ping
image/gif 104.19.217.61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autocounter.lentainform.com/autocreative/counter.php?id=465657&pid=51160&referer=https://www.zahav.ru/&cxurl=https://www.zahav.ru&iframe=1&undefinedh2=CBvd3SiXK6CDlaashqQY2P1flr7oH3XRjeqGg-aXiiU*&cbuster=1637737963553166988598
Requested by: Host: jsc.lentainform.com
URL: https://jsc.lentainform.com/z/a/zahav.ru.684064.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.217.61 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b30d4a05d59d214-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 /
cm.mgid.com/setmuidn/ Frame 9897 0
686 B 122ms
75ms Image
image/gif 104.19.134.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/setmuidn/?muidf=lanHWFD5U3cn&t=20211124071243
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.134.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6b30d4a0eaac3b9d-CDG
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame BD2E 2 KB
2 KB 60ms
59ms Document
text/html 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=36039&b=YxqtrfzXW2uQKWtVH8t3HQt1e2TAT1TXqar&f=q4gUmfBZkzcYdWCZHRt1HRCMwJhPTgTY6H3&c=320&d=50&e=uuDJJRW3uGJghM4j_rnFbM_JnYRY0iIq&g=7c4a186ef481d7fb776330e490485e59%2F132080034052833088&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637737963611&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516442%3Bcrtbwp%3DYZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw%3Bcrtbdata%3DqOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0%3Badfibeg%3D0%3Bcdata%3DF6HbVtpmvjJtA9kXLTCI5mpSJRxeeJAWofnePrdCD_i55sb3ewVjNoXDEbzWWblEoLw8-A_KJy57bdp-DsExYsX4De8FoXoTV-xGKFmUIVF4krubqxgpJGoGoEi3wyPdiehMxJm-RtfJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.zahav.ru%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413b5a3d92bc6f35a16c3a38f0d3463b88300e539b132617a795584e20bf7d63

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b30d4a0c9e70e1e-MXP
content-encoding: br

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame BD2E 64 KB
8 KB 27ms
27ms Stylesheet
text/css 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36039&b=YxqtrfzXW2uQKWtVH8t3HQt1e2TAT1TXqar&f=q4gUmfBZkzcYdWCZHRt1HRCMwJhPTgTY6H3&c=320&d=50&e=uuDJJRW3uGJghM4j_rnFbM_JnYRY0iIq&g=7c4a186ef481d7fb776330e490485e59%2F132080034052833088&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637737963611&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516442%3Bcrtbwp%3DYZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw%3Bcrtbdata%3DqOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0%3Badfibeg%3D0%3Bcdata%3DF6HbVtpmvjJtA9kXLTCI5mpSJRxeeJAWofnePrdCD_i55sb3ewVjNoXDEbzWWblEoLw8-A_KJy57bdp-DsExYsX4De8FoXoTV-xGKFmUIVF4krubqxgpJGoGoEi3wyPdiehMxJm-RtfJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.zahav.ru%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=36039&b=YxqtrfzXW2uQKWtVH8t3HQt1e2TAT1TXqar&f=q4gUmfBZkzcYdWCZHRt1HRCMwJhPTgTY6H3&c=320&d=50&e=uuDJJRW3uGJghM4j_rnFbM_JnYRY0iIq&g=7c4a186ef481d7fb776330e490485e59%2F132080034052833088&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637737963611&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516442%3Bcrtbwp%3DYZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw%3Bcrtbdata%3DqOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0%3Badfibeg%3D0%3Bcdata%3DF6HbVtpmvjJtA9kXLTCI5mpSJRxeeJAWofnePrdCD_i55sb3ewVjNoXDEbzWWblEoLw8-A_KJy57bdp-DsExYsX4De8FoXoTV-xGKFmUIVF4krubqxgpJGoGoEi3wyPdiehMxJm-RtfJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.zahav.ru%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:43 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 499038
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=65497
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 18 Nov 2021 12:35:25 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6b30d4a13fba0f52-MXP
cf-bgj: minify

GET
H2 200 1FE8F38765DE79BBD35893CF34AF713BEFD840E0E86A12BC3428B5F4DBF5F3A4CAE5EC8D739DF6AAB5660A5C4F9C3B407A2861F9EBE931803ED2A8AD654FE108
assets.ad4m.at/product_image/ Frame BD2E 15 KB
16 KB 26ms
25ms Image
image/webp 2606:4700:3039::6815:c08f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1FE8F38765DE79BBD35893CF34AF713BEFD840E0E86A12BC3428B5F4DBF5F3A4CAE5EC8D739DF6AAB5660A5C4F9C3B407A2861F9EBE931803ED2A8AD654FE108
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=36039&b=YxqtrfzXW2uQKWtVH8t3HQt1e2TAT1TXqar&f=q4gUmfBZkzcYdWCZHRt1HRCMwJhPTgTY6H3&c=320&d=50&e=uuDJJRW3uGJghM4j_rnFbM_JnYRY0iIq&g=7c4a186ef481d7fb776330e490485e59%2F132080034052833088&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1637737963611&h=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516442%3Bcrtbwp%3DYZ3l6gAAAACAKBiTHUl4XTnaiCCXSdaxJw5mxw%3Bcrtbdata%3DqOWrwh5Xf6Ml0MIqg0C4qhx3K6omUzT0_dK9bPJMR3rHkfivMSdh5Y4PmTnCefiJRNXcZdgWbUk8k7RCno0mhEIBjYUyI440mUBSMyK93MfpzKx5n9n2A9hWVAV6vo3zxA7l0DqvHgtgT3IwbHgXXkekKdmpyrtTwkT3NG9jyqazFSDL_BSxhuVcMEM6DeeXbNxalxDxHnNSLb7_B3NKuUHhIpkoas3H0%3Badfibeg%3D0%3Bcdata%3DF6HbVtpmvjJtA9kXLTCI5mpSJRxeeJAWofnePrdCD_i55sb3ewVjNoXDEbzWWblEoLw8-A_KJy57bdp-DsExYsX4De8FoXoTV-xGKFmUIVF4krubqxgpJGoGoEi3wyPdiehMxJm-RtfJJZcwKgA0K2T0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwww.zahav.ru%252f%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c08f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7499326855f1841dc86eb71432203075701c8548b083cac74ead0424f5ec54a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-goog-hash: crc32c=VrE/bA==, md5=fGTH2KEBbTyDfzd3M8Lsqw==
date: Wed, 24 Nov 2021 07:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 127876
cf-polished: origFmt=gif, origSize=20826
x-guploader-uploadid: ADPycdvHPcnYkivCe9SE-QE9_pYEaJvNKa7E2i-IwiT-kejr5IhSmcImWgT_LbV0Ch8MGWy_4iCUiZSYfMAYIXbFe1A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15712
last-modified: Mon, 15 Nov 2021 10:51:09 GMT
server: cloudflare
etag: "7c64c7d8a1016d3c837f377733c2ecab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAtR%2FWKlwMvvzd4XaJGzar%2FKIXNpqzcgMUeSOIoSPuYLKg4%2FuFBJJ%2BNi2vPinT6DX3xKM8%2B2VP50fhuMDfdbpgjoaFMM8PPOuvPeiqt2EqX%2F1P%2F8Zf80oNSTcA4LBN7qzHDeWT%2BSnQMno%2FJZ"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636973469816333
content-type: image/webp
expires: Thu, 25 Nov 2021 07:12:43 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 20826
accept-ranges: bytes
cf-ray: 6b30d4a13a890e1e-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 46BD 42 B
64 B 43ms
28ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstV9t-97ai9UdpfZ2ZrXR4xTx_wER9PJK5MFhB3Ko0WPzmz5Ap5xDWv2vy5qFsHUYHg2WMo51Ibr9M-o7holof2kssJJjECSIVdD-ENlnmUXqxfaIfg&sig=Cg0ArKJSzC8ihj7IjNFyEAE&id=lidar2&mcvt=1000&p=15,315,265,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=111351917&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637737962693&rpt=135&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9FEE 42 B
64 B 29ms
28ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstV0L1277GOjxmlQBcBVRA5bX4Z976pass_DSuFAvJMTfnOutuMethH0Zw0VOJb7nxMPd3g_NxctegAf_gLzZMTNWicbhB-YFjA-A9kCPXyzTHxtJEs&sig=Cg0ArKJSzK18xU8AIbOaEAE&id=lidar2&mcvt=1000&p=735,496,795,964&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=0.99&app=0&itpl=3&adk=4292339437&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637737962752&rpt=168&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 575E 42 B
64 B 28ms
28ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujL8E5AJEVZcjGoSxcfPGzz9u8Qp3hTIYjUk1MkpYtxTMgcvtaMZyWdNdPe0pDm4X0xcTPTDJiUUShonIEp21uK0T0L4A6w5IeAtcRZi9Isbqh0T7m&sig=Cg0ArKJSzAfhItdFbqpMEAE&id=lidar2&mcvt=1002&p=1060,553,1275,908&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=0.65&app=0&itpl=3&adk=811035953&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1637737962758&rpt=173&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000523/module/ 503 B
787 B 17ms
16ms Script
application/x-javascript 104.108.145.107
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000523/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.107 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-107.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3de7ab1dcc4e04dd59c5e377b672e06275dfabc3e27ff950512a26c52da8cb9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:44 GMT
last-modified: Wed, 24 Nov 2021 01:02:44 GMT
server: AkamaiNetStorage
etag: "ae553cf91279d80f1aabeb64faf8377d:1637735445.178094"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
291 B 92ms
92ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=0f05523593a2b8d72112bc558a0cf73c_73087_1637737963440&tm=2255&eT=0&widgetWidth=300&widgetHeight=158&widgetX=985&widgetY=4076&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:44 GMT
content-encoding: gzip
X-TraceId: 576394c1f81a7dbfd6d8affd889e36d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 113 KB
29 KB 983ms
983ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.zahav.ru%2F&settings=true&recs=true&widgetJSId=HPC&key=NANOWDGT01&version=2000523&apv=true&sig=nusnWvhS&format=html&rand=84273&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ODVhYzZhZmYwNGQ3NzVmZDM5ZDQ0NjI0YzczYWE0ODI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=3&lastIdx=5&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&dpr=1&cw=480&activeTab=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000523/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0db9d3b20e25c07d581c6d7550307aeb026947ad719d5968334a7d174db86ec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:45 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.39
x-cache-hits: 0, 0
x-traceid: 8b05db7d1115391997ce619487725cce
content-encoding: gzip
content-length: 29610
x-served-by: cache-lga21939-LGA, cache-hhn4030-HHN
x-timer: S1637737964.095467,VS0,VE967
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjE2YTMyMmU0NTJjN2NhZWMzOGQ2ZDlkYjdjOThjOGVjYTM2ZGEzMzE0OTQ1NTQ3ODI2YjEzNGVlMDlkZmRlMDMiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 9 KB
9 KB 17ms
17ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE2YTMyMmU0NTJjN2NhZWMzOGQ2ZDlkYjdjOThjOGVjYTM2ZGEzMzE0OTQ1NTQ3ODI2YjEzNGVlMDlkZmRlMDMiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7338037a78e312f2b3b0473ed62acc9ee7514b6e99ce381c089a9b0d963f9f61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:44 GMT
cache-control: max-age=1392741
last-modified: Thu, 11 Nov 2021 09:38:43 GMT
x-traceid: a159fef468d6550d6ac7b17c87b7386b
timing-allow-origin: *
content-length: 9142
content-type: image/webp

GET
H2 200 eyJpdSI6ImQ4MzIyYTI3MGNiNDMzNzg3Njc3Y2U2MDY0ZjZiNmU4ZDgxYjkzZTAxMjRjZTRjMjIyOGFiODU3ODg0YzhlNTIiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 13 KB
13 KB 28ms
28ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQ4MzIyYTI3MGNiNDMzNzg3Njc3Y2U2MDY0ZjZiNmU4ZDgxYjkzZTAxMjRjZTRjMjIyOGFiODU3ODg0YzhlNTIiLCJ3IjoxMDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.zahav.ru
URL: https://www.zahav.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4cc52d8d495c941df694d5d5e326aef48e1154547a92e2db4a13e9742b660a15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:44 GMT
cache-control: max-age=2311358
last-modified: Mon, 22 Nov 2021 11:20:00 GMT
x-traceid: 098ec22267198fc043ba632ee89d8ca5
timing-allow-origin: *
content-length: 13322
content-type: image/webp

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 89ms
89ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=161f392fa86c840f293efe3fcdd86256_73087_1637737964526&tm=3251&eT=0&widgetWidth=480&widgetHeight=706&widgetX=490&widgetY=5335&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=989&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
X-TraceId: a0c5dc2062c507f8b2a1a4f17d33aa93
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 183ms
94ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=636224091079d6a64d549e3289a37168_73087_1637737964698&tm=3259&eT=0&widgetWidth=480&widgetHeight=725&widgetX=490&widgetY=6061&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=989&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
X-TraceId: efda58bfe595600d57b1666dbd045e95
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 272ms
87ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=cc6b15014fad1b1418ff790f16fb483d_73087_1637737964858&tm=3260&eT=0&widgetWidth=480&widgetHeight=706&widgetX=490&widgetY=6807&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=989&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
X-TraceId: 43dbcebbc54472e5439a6d79c6879ca7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 345ms
89ms Fetch
text/plain 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=f08a360b466112dd9f020ebca544af3c_73087_1637737965002&tm=3261&eT=0&widgetWidth=480&widgetHeight=725&widgetX=490&widgetY=7533&wRV=2000523&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=989&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
X-TraceId: 37a953f800fb76aff38488fb019c3783
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 20ms
20ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

826ecf6b30d3cdbbc60b46b45c68dfa563a4a99c8611d88b69d55175c10a7030

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9158
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 24 Nov 2021 07:12:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0B05 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 24 Nov 2021 04:33:04 GMT
expires: Thu, 24 Nov 2022 04:33:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 69A2 783 B
533 B 17ms
17ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1dea51d160ef252de23a98067b93f4e7edfa047e2f8bedc6cc4cb1fad8828b88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DvabcXv+ONmS9KADOJcObQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 24 Nov 2021 07:12:45 GMT
date: Wed, 24 Nov 2021 07:12:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DvabcXv+ONmS9KADOJcObQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B05 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 21:57:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 21:57:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 69A2 0
0 59ms
59ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=432946270986874&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0E5F 52 KB
17 KB 253ms
18ms Document
text/html 104.108.144.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-144-200.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 25 Nov 2021 07:12:47 GMT
Date: Wed, 24 Nov 2021 07:12:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame D7C5 2 KB
1 KB 251ms
17ms Document
text/html 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 24 Nov 2021 07:12:45 GMT
Connection: keep-alive

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 1B78 0
35 B 25ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.valuad.cloud
URL: https://cdn.valuad.cloud/hb/zahavru-prod.js?timestamp=1637712000000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.220.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.220.0
date: Wed, 24 Nov 2021 07:12:45 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

postmessage.html Show response
ecdn.firstimpression.io/ Frame 6925
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=d65eebd.ff328a6&adk=956434102&adf=1016731520&pi=t.ma~as.d65eebd.ff328a6&w=300&lmt=1637...
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=35

362 B
639 B

9ms
8ms

Document
text/html

143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=35
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.zahav.ru&bust=31063796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 4027f215b465d142a81a82c5f2aa7eb595e362cbc8e6d30bf5a8c083709a7d97

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=UTF-8
content-length: 362
date: Tue, 23 Nov 2021 16:44:09 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: BtEihiydCB-npui48JbgZ-jNtInRoMO_T8fa3bZWb_3A6CQBg1zkAw==
age: 52116

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=35
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Nov 2021 07:12:45 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

postmessage.html Show response
ecdn.firstimpression.io/ Frame 3C24
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=7c0d836.c26cd4d&adk=1842024176&adf=983765939&pi=t.ma~as.7c0d836.c26cd4d&w=160&lmt=1637...
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=40

362 B
641 B

12ms
12ms

Document
text/html

143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=40
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.zahav.ru&bust=31063796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 6cd3f265cd1e926f19b82899b3bf83a21490ece259b7e85f082090eb107a8887

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=UTF-8
content-length: 362
date: Tue, 23 Nov 2021 16:44:52 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qRh-sGLzTuDofuktxYYWJV1zny9Qkja9vRMCphLuY1lbx8ajIHPUxw==
age: 52073

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=40
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Nov 2021 07:12:45 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=432946270986874&bg=!MDOlM3fNAAZQLpa_UC47ACkAdvg8Wrvy0hYF4CnSNTeewxWXtoqqUf5hkycEwfpxXGFDWoMe1sOCJQIAAAB2UgAAAAdoAQeZAoGjEA24tvpMAiYwdv-0oUarVTAEoZSnAUzDO98xVOdrAcBFnUXe-_vX1OhlVYIBOT7SPfGKNGBWjaOD3__5ep6vtciEOxPy8JX0G379zMcGcODQF9K0-zzXdFlCjWXpVi0_QxInw8oq-5iPbyDk84ZLY4TIqhgoZipfTtwJENwpggIhrDz6NqXA_lKwL7IpqJ-rf-cpvOuMcWb3q6AStw0pzQ9W9SZk9D-tkm_kPJNgwJVPVtX5mqtTaOIcmsbcheb32exBG5iwdezet3HFoOnTpOP1vByAHVjmrMbllzFdRSjxbSROTJnSsRlMRwx9A8ws0CYdTY0n7jQPgTXFd9JXo26EH14qnxwsYnst21c3TCGGHSRe7Hkuwu-AxcOkyx3UGhkBcigOs9yIKRH1GBwnqBHoqziay3F2votCwuI755dZNTK1NtZByAAXWDaG7270A67cYrrsHBh7jyrhmCYXcItfcDOhcuY_DlFS69rTuq_euw4oAejmMWyNjlUUsiGoz8vpKA4VcGeEyTMHTrAZh5VLC1roJnoYEtFgPcc4inn8jmSGkRxQ9vVa67AQsYlDzb4YN3dVP40etXRFSQ9m-BQbQTYigXIIxXyiqIEjzuY1JtX_Z8EYubpyDQbz_UUtJ5EyxikWDP4jEwDHJBwG-aailHGecfx1etRkEx6UQLnSDdBApV9sLx1extD4icZQDNABPMZLBgkzh-dxO7kXKR6zs6N61Ypx0gOuxmf5ELz9B7RgV_wfoh2aCpQsMoEAmblHiDwgAd28cEYHR7ZDhxvjulg0MQh65G2cdk72omwMNVQZcSQ5ub7YAJpgcTVfT_7T-iEYsZteXxwa6_EEUA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame 474C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

51ms
51ms

Document
text/html

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 0cac7d95e4cf935171420d3a4cd3651e57cc6333e46e412827f8fec2278b0283

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|45|39|230|152|188|3|218
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1646
Expires: Wed, 24 Nov 2021 07:12:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 335
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Wed, 24 Nov 2021 07:12:45 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
Connection: keep-alive

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 0E5F
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
801 B

18ms
18ms

Script
text/html

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 11e555b0-5785-47b0-a6a2-c29c9521de7d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4e0a02b3-ec10-4b4b-9d41-94f28e7836de
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 lg.php
tracking1.firstimpression.io/delivery/ 1 B
294 B 33ms
33ms Ping
text/html 54.77.121.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.firstimpression.io/delivery/lg.php?bannerid=97041&campaignid=32&zoneid=114914&dt=1&_fiid=A7&cb=98758035
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.121.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-121-55.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

POST
H2 200 lg.php
tracking1.firstimpression.io/delivery/ 1 B
294 B 38ms
38ms Ping
text/html 54.77.121.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.firstimpression.io/delivery/lg.php?bannerid=97106&campaignid=32&zoneid=114915&dt=1&_fiid=A7&cb=39460516
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.121.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-121-55.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:45 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 474C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB&dcc=t

43 B
645 B

104ms
104ms

Image
image/gif

209.54.180.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:46 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 7ZY023N75WRWR1K63RCA
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W78W2FVTZNTG2BQVD2ZR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 474C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZ3l7ZMhxRsQPWz1QhO0DQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJkipLLYR2e6eF1F6niJXqU&google_cver=1&gdpr=1

43 B
1 KB

31ms
30ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJkipLLYR2e6eF1F6niJXqU&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 07:12:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJkipLLYR2e6eF1F6niJXqU&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 474C 70 B
265 B 106ms
34ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 474C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZ3l7ZMhxRsQPWz1QhO0DQAABI4AAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOyTQ1pbDqjNx9BK_Ukxgco&google_cver=1

43 B
315 B

29ms
28ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOyTQ1pbDqjNx9BK_Ukxgco&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Wed, 24 Nov 2021 07:12:45 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEOyTQ1pbDqjNx9BK_Ukxgco&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 474C
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bef415e3-426f-4da4-a082-d36e30ba3a4c

43 B
1 KB

29ms
29ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bef415e3-426f-4da4-a082-d36e30ba3a4c
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:46 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 07:12:46 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:46 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=bef415e3-426f-4da4-a082-d36e30ba3a4c
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame 474C 0
88 B 448ms
97ms Image
text/plain 52.202.47.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.202.47.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-202-47-217.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 474C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c6f1619d-e5ed-4d00-9b4b-14097c4a020f&gdpr=1&gdpr_consent=

43 B
1010 B

81ms
31ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c6f1619d-e5ed-4d00-9b4b-14097c4a020f&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:45 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 07:12:45 GMT

Redirect headers

Date: Wed, 24 Nov 2021 07:12:45 GMT
Server: MT3 4133 baa842e master zrh-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c6f1619d-e5ed-4d00-9b4b-14097c4a020f&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 24 Nov 2021 07:12:44 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YZ3l7ZMhxRsQPWz1QhO0DQAA%261166
dpm.demdex.net/ Frame 474C 0
0 128ms
32ms Image
application/json 52.212.5.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YZ3l7ZMhxRsQPWz1QhO0DQAA%261166?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-5-244.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame 474C 43 B
425 B 17ms
16ms Image
image/gif 104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YZ3l7ZMhxRsQPWz1QhO0DQAA%261166
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.zahav.ru/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 24 Nov 2021 07:12:45 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3166
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 24 Nov 2021 08:05:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zahav.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zahav.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 07:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2

200

postmessage.html Show response
ecdn.firstimpression.io/ Frame D073
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=cf5042c.1d33ff9&adk=3182670032&adf=469762760&pi=t.ma~as.cf5042c.1d33ff9&w=160&lmt=1637...
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=36

362 B
641 B

8ms
7ms

Document
text/html

143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=36
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.zahav.ru&bust=31063796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 6ef04632d1ada8b45da8d49e5984c219ad10c08e6d685e3a6456d9f07210289a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=UTF-8
content-length: 362
date: Tue, 23 Nov 2021 16:47:54 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: RCDwvjidZgd60m6RQ8klDTnaQW7W9xMdq2qG0QwbRCGZS36b-AtBZQ==
age: 51892

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=36
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Nov 2021 07:12:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

postmessage.html Show response
ecdn.firstimpression.io/ Frame 1940
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-3622156405313063&output=html&h=600&slotname=971f632.db8f29c&adk=568524247&adf=3542991247&pi=t.ma~as.971f632.db8f29c&w=120&lmt=1637...
https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=38

362 B
631 B

7ms
7ms

Document
text/html

143.204.98.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=38
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3622156405313063&plah=www.zahav.ru&bust=31063796
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-113.fra50.r.cloudfront.net
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: 829662cc52240122d1768b349a9cbb8c2918836bddac167596b9c3d303937d7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zahav.ru/

Response headers

content-type: text/html; charset=UTF-8
content-length: 362
date: Tue, 23 Nov 2021 16:44:11 GMT
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
x-cache: Hit from cloudfront
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: OdbmdRMl_OACJfXrvPm8uxTTWVfZDtuaVyuqnMpItf2wifvfLiQHVg==
age: 52115

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://ecdn.firstimpression.io/postmessage.html?command=passbackFn&group=38
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 24 Nov 2021 07:12:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 lg.php
tracking1.firstimpression.io/delivery/ 1 B
294 B 33ms
33ms Ping
text/html 54.77.121.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.firstimpression.io/delivery/lg.php?bannerid=97050&campaignid=32&zoneid=114928&dt=1&_fiid=A7&cb=34968630
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.121.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-121-55.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:46 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 0E5F 0
729 B 22ms
22ms Script
text/html 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 24 Nov 2021 07:12:46 GMT
X-Proxy-Origin: 193.27.14.40; 193.27.14.40; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dfa6332f-cb0e-44d1-a306-0f626b9ede2f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 lg.php
tracking1.firstimpression.io/delivery/ 1 B
294 B 35ms
34ms Ping
text/html 54.77.121.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking1.firstimpression.io/delivery/lg.php?bannerid=97092&campaignid=32&zoneid=114929&dt=1&_fiid=A7&cb=23711431
Requested by: Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.121.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-121-55.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 / PHP/7.3.23
Resource Hash: cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:46 GMT
content-encoding: gzip
server: nginx/1.18.0
x-powered-by: PHP/7.3.23
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
expires: 0

POST
H2 200 /
track.adform.net/serving/unload/ Frame D774 35 B
468 B 20ms
19ms Ping
image/gif 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=6417744376141827495@@38516442,6025152557684150265,0|0|0|0|0|0|0|0|0||0|0|1538|1e1f7ca0-b52a-429c-9083-2ec3c5ed77a7_1|||1|0|0|RisIghxaQ4VX7EYoWZQhUXiSu5urGCkkagagSLfDI92J6EzEmb5G18kllzAqADQrA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zahav.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 24 Nov 2021 07:12:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.zahav.ru
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.detaly.co.il/	1970-01-19 22:55:39	Name: __cf_bm Value: aV31TNwBtG2gsvo_2PhZBW.REu9w6RbFLUv1BcomUes-1637737961-0-AUx3LzlaLY3KGlcOAJFBVHl4RLCCbjZncRGdRXhxUxSyTt3n2IO8qRTa4lajR0uwI5xwEyJ2fLQ/8SOk1c+J1OA=
.smi2.ru/	1970-01-20 07:41:13	Name: _sm_uid Value: 3e250306-dd5e-445f-88d4-e580fdfe1778
.smi2.ru/	1970-01-20 07:41:13	Name: _sm_udt Value: 1637737961602
.smi2.ru/	1970-01-19 22:55:39	Name: _sm_sid Value: 49bbe8e7-f1a2-4901-9bd4-c7a1c0edbe3a
.smi2.ru/	1970-01-20 01:19:37	Name: nid Value: ads5-2smir10
www.zahav.ru/	1970-01-19 22:56:38	Name: strip_step Value: 2
.zahav.ru/	1970-01-20 16:26:49	Name: _ga Value: GA1.2.1436109067.1637737962
.zahav.ru/	1970-01-19 22:57:04	Name: _gid Value: GA1.2.1359563752.1637737962
.zahav.ru/	1970-01-19 22:55:38	Name: _gat_UA-4780630-1 Value: 1
.zahav.ru/	1970-01-19 23:02:49	Name: vad-loc-code Value: de
www.zahav.ru/	1970-01-19 23:38:49	Name: _pbjs_userid_consent_data Value: 3524755945110770
cdn.firstimpression.io/	1969-12-31 23:59:59	Name: OAID Value: GDPR
.doubleclick.net/	1970-01-20 08:17:13	Name: IDE Value: AHWqTUk-12O88bPJHUfp5FIZGn_418GFKPsAxy5DmcpyQWufTx3-sBH9VT_P9rH8uVA
www.zahav.ru/	1970-01-20 08:17:13	Name: cto_bidid Value: VInc2l93M0tBT1FyYSUyRnVHTkZvdVBDdkdlVzNDSjR4ZDBxd0ZSeWl2T0h2ODFUaWdGejlvdm1HS29zTHFnWERHUjZ6MDVQVlZ0TUVwMWtWcTY1NWdMMDl5R0lnJTNEJTNE
.stat.media/	1970-01-20 07:41:13	Name: _sm_uid Value: 3e250306-dd5e-445f-88d4-e580fdfe1778
.stat.media/	1970-01-20 07:41:13	Name: _sm_udt Value: 1637737961602
.stat.media/	1970-01-19 22:55:39	Name: _sm_sid Value: 49bbe8e7-f1a2-4901-9bd4-c7a1c0edbe3a
.stat.media/	1970-01-19 23:38:49	Name: _sm_cm Value: 6
www.zahav.ru/	1970-01-20 08:17:13	Name: cto_bundle Value: vUyPS18zYkdaUk5pYnB1ZHljNG94QjJ1Qm13MjVqTTJRTjgxQ2hzQmdLRFdOaUNVbVBNJTJCak9RcDd1WDJtajR0JTJGTjZkRDBmSldVbEFieSUyQklVRWZqUmNCaVJHbnIlMkJjVzJpRjVZR1dVem5nZTFCZDJxYThmJTJGUHZQb3hyaTlLRiUyQmJaYTUlMkJy
.zahav.ru/	1970-01-20 08:17:13	Name: __gads Value: ID=ce710ba4f546328f:T=1637737962:S=ALNI_MauvqGiBNWiBAiCaCKIrbU2UcPwlg
.adform.net/	1970-01-19 23:38:49	Name: C Value: 1
.lentainform.com/	1970-01-25 20:31:23	Name: muidn Value: lanHWFD5U3cn
.adform.net/	1970-01-20 00:22:01	Name: uid Value: 6417744376141827495
.adform.net/	1970-01-19 23:05:42	Name: TPC Value: 1637737963088
servicer.lentainform.com/	1970-01-19 22:55:38	Name: __mglb Value: cbeb893f26be92ee4d57b414fbc5f82c
.doubleclick.net/	1970-01-19 22:55:41	Name: DSID Value: NO_DATA
www.zahav.ru/	1969-12-31 23:59:59	Name: LentaInformStorage Value: %7B%220%22%3A%7B%7D%2C%22C684064%22%3A%7B%22page%22%3A1%2C%22time%22%3A1637737963444%7D%7D
cm.lentainform.com/	1970-01-19 23:38:49	Name: mg_sync Value: {}
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lanHWFD5U3cn
.mgid.com/	1970-01-19 22:55:39	Name: __cf_bm Value: zXI_lb1q_mwjtV.LWebeWr3j5aDNsRJ.jhBsHC4YaK8-1637737963-0-AX9TdTm/Ic7cj3EJlK8mgIZBLq2FOTqLAazTR0pT5Xp/n985o3umT2bb2XhEmmHLkstYlnqyPFgXNkwnrppQklE=
.adnxs.com/	1970-01-20 01:05:13	Name: uuid2 Value: 8125088022960903229
.casalemedia.com/	1970-01-20 07:41:13	Name: CMID Value: YZ3l7ZMhxRsQPWz1QhO0DQAA
.casalemedia.com/	1970-01-20 01:05:13	Name: CMPS Value: 3234
.casalemedia.com/	1970-01-20 01:05:13	Name: CMPRO Value: 1166
.mathtag.com/	1970-01-20 08:21:33	Name: uuid Value: c6f1619d-e5ed-4d00-9b4b-14097c4a020f
.casalemedia.com/	1970-01-19 22:57:04	Name: CMST Value: YZ3l7WGd5e4A
.casalemedia.com/	1970-01-20 07:41:13	Name: CMRUM3 Value: 27619de5ed0b40&03619de5ed2760c6f1619d-e5ed-4d00-9b4b-14097c4a020f&98619de5ee2760bef415e3-426f-4da4-a082-d36e30ba3a4c&e6619de5ed2760&da619de5ed2760&f1619de5ed05a0&bc619de5ed05a00&2d619de5ed2760CAESEJkipLLYR2e6eF1F6niJXqU

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.zahav.ru/ Message: Mixed Content: The page at 'https://www.zahav.ru/' was loaded over HTTPS, but requested an insecure element 'http://www.9tv.co.il/download/pictures/img_id=17439.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.zahav.ru/ Message: Mixed Content: The page at 'https://www.zahav.ru/' was loaded over HTTPS, but requested an insecure element 'http://www.9tv.co.il/download/pictures/img_id=17439.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2f197cf1c2e2c2e36c31e6acbe932f6c.safeframe.googlesyndication.com
a2121.casalemedia.com
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
ads.pubmatic.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
autocounter.lentainform.com
c.files.bbci.co.uk
c.lentainform.com
cdn.ampproject.org
cdn.firstimpression.io
cdn.jsdelivr.net
cdn.lentainform.com
cdn.valuad.cloud
cm.g.doubleclick.net
cm.lentainform.com
cm.mgid.com
cursorinfo.co.il
d221oziut8gs4d.cloudfront.net
d2xerlamkztbb1.cloudfront.net
date.zahav.ru
detaly.co.il
doska.zahav.ru
dpm.demdex.net
dsum-sec.casalemedia.com
ecdn.analysis.fi
ecdn.firstimpression.io
fonts.googleapis.com
fonts.gstatic.com
freecurrencyrates.com
googleads.g.doubleclick.net
gum.criteo.com
hb-dot-valuad.appspot.com
htlb.casalemedia.com
ib.adnxs.com
images.newsru.co.il
images.outbrainimg.com
img.wcdn.co.il
jackkuba.ru
js-sec.indexww.com
jsc.lentainform.com
log.outbrainimg.com
match.adsrvr.org
mcdp-nydc1.outbrain.com
mignews.com
mug.criteo.com
mv.outbrain.com
nep.detaly.co.il
odb.outbrain.com
pagead2.googlesyndication.com
partner.googleadservices.com
pogoda.co.il
rtb.adentifi.com
s-img.lentainform.com
s.amazon-adsystem.com
s1.adform.net
securepubads.g.doubleclick.net
servicer.lentainform.com
smi2.net
smi2.ru
ssum-sec.casalemedia.com
stat.media
static.smi2.net
static2.smi2.net
static3.smi2.net
static4.smi2.net
static5.smi2.net
static8.smi2.net
stats.g.doubleclick.net
sync.extend.tv
sync.mathtag.com
target.smi2.ru
tcheck.outbrainimg.com
tpc.googlesyndication.com
track.adform.net
tracking1.firstimpression.io
trendads-swarm-api.reactivebetting.com
trendads.betfindr.com
trendads.reactivebetting.com
u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.9tv.co.il
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.zahav.ru
zahav.ru
104.108.144.200
104.108.144.214
104.108.145.107
104.108.145.205
104.108.145.8
104.19.134.78
104.19.217.61
138.201.55.245
138.201.55.248
142.250.186.162
142.250.186.70
142.250.186.98
143.204.101.191
143.204.101.73
143.204.98.108
143.204.98.113
143.204.98.3
143.204.98.65
143.204.98.97
146.185.195.90
15.197.193.217
151.101.114.132
167.71.79.41
178.250.0.157
184.31.84.150
185.162.125.103
185.162.95.74
185.170.60.152
185.29.132.245
185.33.221.89
193.150.127.23
205.185.216.42
209.54.180.144
216.41.223.54
2600:9000:2156:2400:6:834a:a040:93a1
2600:9000:2156:5e00:6:834a:a040:93a1
2606:4700:3033::ac43:db26
2606:4700:3036::6815:43eb
2606:4700:3039::6815:c08f
2606:4700::6810:5814
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2014
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9d
2a01:7e00::f03c:91ff:fea6:3b6d
2a02:2638:1::13
2a02:26f0:6c00:2bb::f33
2a06:98c1:3120::15
34.98.64.218
37.157.2.237
37.157.6.234
52.202.47.217
52.212.5.244
54.205.198.81
54.77.121.55
64.202.112.159
82.148.14.195
82.202.225.240
84.94.227.80
88.212.234.125
88.212.252.73
88.99.129.243
91.226.245.88
00d0d4f70f0d7a963159087f0478c31eeab26d7a98d4c0b49b68f734b8e63713
01118b69e2f0430c25c7fff80c5860199d8330c80a3996e912ef7595dcc99875
01e30623f1fc127891dee76829fb2eb49cfa3879d193de851b91e45c951849cb
024f1a1d9460ab485743591d37945a937678f1416e1d5d189114538e2355398b
08777ed0d4e037aa8cd715ecc2b87d413b8eca103fc13f9a26f6eb1993e09344
087b73b9c1e7068576395dbf0b49f18df329d27ab326857d230ca68df905d00e
0a759c9120394fec99cf2cc8c3e591520e688ff6aca64e352859bb7fb9e728aa
0b02be371236cb382ac86d568c1837f692c3f0c8221a17dd5637384ae0bd26b5
0b7a3a6f3c154e6f2b0e77424fa293292d119780f3043d7e729877e5b4a4c7bd
0bbc958f25216ff5c2fe09e3acae81c47b34b1308a1899b9f4444b4577bd2204
0cac7d95e4cf935171420d3a4cd3651e57cc6333e46e412827f8fec2278b0283
0db9d3b20e25c07d581c6d7550307aeb026947ad719d5968334a7d174db86ec3
0ec5e9527b2ff77e24db371ed266bcb8f415f91f6431d7f22fc240dd1236297c
100c8384ed717645d21853bed1fd9c1dc17e61d6419f8c4a10facf74762b42f8
10247e1c362b917b73ae4cba155bbd77b50b9d5175d7f5341c0a27a9ca6bfd8b
1183307783cf23654d3a290fdd33a2387be5d4651145b67f5527da2729bec0bc
12956c4adfe42605f96bcd299eef2058f7522317330edfa0b94e14c0095bce6b
1433fd002b923c5c88b9acb6e47b15121632afbcfff8e3a5c46f473b7277802b
15b60ab0183095d22f09994bc0d3a6dff9743a998d464922d510e35aff0e928e
16aa5d8fdf0af208b350a18e4bdbe22192c1c80f47feffd8a8e682c6addd8f97
16d2f962efd20bc2824674b6690e8537b1f223b57dee39c321d6c2685f9130d8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a17deda710dce84322e108cf77e8ba7d4e4c98a05d8e81cef523b7f7c1f5ce4
1a5de40362d500883476da3f1a605cb0c7c05eae712d8d370b0241ee9f1e5687
1be1b7921934df725ef62fcf8d8f08a4542520d29fc8018ca910cd11f7868b39
1d093d3c10615c18f00f0af703e3c86cf2d7f6631b4d7086883c686bb4edf7a9
1dea51d160ef252de23a98067b93f4e7edfa047e2f8bedc6cc4cb1fad8828b88
1e0b414b5c9fbc0512db4904a30eb08a1597688c565ed6f2463d33284ad280d8
20b9c4931e008ecf26805fe1f9ea7a0a7527085728bc8d80e829e387cdb81bc6
23656a72bb495bc77bd844aedcded06ad3cdcfbbf9606b0d21e54703ebdcabf7
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28c6695ea4202ee5e9433ece9ce611d857859b1c43992ee3b8ed1b54d5d34bfa
2939e232f54032b1e76268e32b57ae78fd39277d1744d93bc7f7917dd9bf60ff
2be08cee1fabecbc458c034e76a5201aff210e388eeb6c93809d55ac2a1a5ef2
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2db4b55326c0ef7cd3caf53e835ae1f38629da1d1c2f5a127e0785165b16078c
2f162d9444cde39ecf6b1260eef4efa09e711b5ebfc7477fce9444e13d9cae22
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32266c80aea8a74bc2a5effa05379f3309b7898a49033bd14a9639156c5d3c2f
3347d18bb0f3835c27d24d586e338e5bcfab7ff5ca714479b178c019a797b034
3388ea77fdc0e35afffe25c91d0449e5519ad7ebe894f9f7fc5000504b915cba
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
36159dd267199f98113b0d7df6cf062260a694f4d5c5e861db7595655a0eda40
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3762f84554b341dd11c81e709e6df40bc62736f16e0c8ea4fe3e7e7c5f1bacf3
382873874381a9138712c2cf69ee03f11b96009cae5fe33d2647c414e9712f6f
38d106ce6fee3feb0f173bced76f37fbec4cfcc166da5fc9b497c4c820369ceb
39a853f0b625bd5658bd0be53b9dfd1c26ded1125ea902df3154cae33b2679dd
39eb62955ddb5e9b2944d1272f2a935f696d7f8a40bedfcdd2c6ba1790f71aff
3b31a8c1eaabb1e6d21a5b0cb05319814c94c5887681e08268c51aadaeddce4c
3c6338d8fba2bc58292cf93c0fc14c2a50f015f58fb5ab734812bfa8fdd06d5b
3d5ab241bad9c344032c33dd8290aacd5f4ba2a8cd50dde2603bb1637c4eb452
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3de7ab1dcc4e04dd59c5e377b672e06275dfabc3e27ff950512a26c52da8cb9a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fb9debb557dd5a533cb73ce06be9d49ed46246953a24a229c6191cde888cac0
4027f215b465d142a81a82c5f2aa7eb595e362cbc8e6d30bf5a8c083709a7d97
413b5a3d92bc6f35a16c3a38f0d3463b88300e539b132617a795584e20bf7d63
445928e8b0ba51447168caa1654299bd7f4f799dcbc95bd78078db6a003009f5
4625101b810e25dbb37c8449c39ce19490ba12a0b2327d6388f4a3aa91f2a01a
49bf36b56d0d517f12731cd42b4d301f0b10634c2259d4335c04e8a6e8e20029
49fc9eb31df784c522df5cbd7734f7633df510ad7e0e0ea731bf8c4b1f112dcd
4b016599c2c3993a2762117380d6960241db667dc2c50ad497434a73051eea50
4b90b41c0faf05e78ea4665a7ac824db4836446c676d9e035ae181d830518913
4cc52d8d495c941df694d5d5e326aef48e1154547a92e2db4a13e9742b660a15
4dcf81a91db78880c943af4a4ff799bf65b04e462ce7b24a89d25a72ebbabf47
4e184582d7c40f178108fded3ba64f4c106c5351e7a2b71e9916bdec7049faee
4ee32f2ffa2ef42ab17dd9ba5fce2627c91060a005d3c42e3957e43e179f9014
4f340f86038fbce1078446f7246c57ab96d1a69a34d9ab2c31c3e40fd0ba92e3
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd404a3dd41ba5796289aa477fbab1ca6d8417713f348dc46088f0f304a4c86
5112533882ea77891976997afbeaf5416df1ac1a423c8177fdfce6d5e4e3bce9
52edaf861a380eedc1366e339df6f672fb9b553c517421dbd423ce4f120dad56
5347121468c3817e5261b94b958e7d4bdcc9c1e16ac6b750c7ddc044ff335212
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d1824c0503e984bcf5ffdb096e73e3469a36c281a6acb60ed3dcd9da5b1455
555611f5f67088e82a118f6595edde668c63da93d6de868c8b5686506157147d
55da745148e1e253c659038ba651770383155a9fab5f6acaef845fc4468a6ee6
5618a1cdf82aad97f1c6240687b1707be691d2453d74a7a0234d62bf4bccd877
568ea20350f3746f1b1ec935c859be791d3ae9e28ad16614a6a24d5ed59e9d72
5724fda09737eb666940b58a5273c368bad8510092c4d690ecd1e720a7b33b39
58380cc3712989d9f113c2f93cd144b232e95fa4927a3324142d4a1ab94c8f45
5927b526dea517c6d58a54685beb027c35c2f7dfef38f318d487ff4275d3913a
5a0db6487c26e2c9948ed0b4439efc4ab46c30c2021b0b917fc3ffcef9f24a97
5a76b6f87ed1d7d48153d25dbcd258af66c578fecb477a56265d604e18dc12e8
5c39330d08ba3d7379826f1e5034ef172dcbc08c61f4477960f20b52353052d3
5c52f5cab1e8476e88f9500e2d5ddea7aa19dfcbe8120f3b6c124a9cf67c0a2f
5c92e614f042b7b706fc3d808225ffa3baf1a3c43a782eb4600ae056a6cd9103
5cdb7a37129d9b91b632b3726c28a0cc19bc38877bb7ff12a3b3b30f3e1422b2
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e3868fa612bfd28d9dd314ca34477ba99b1858206c926b71f81561c10bc0628
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
6263a077aa16cd1c1af20413e3da9d7922d3c4fb435525d159567a88b1af0aed
6417c8ba0adb5426cb41e0979e4c9826838622267c95b252955cd3b0a78b4312
65623c8434f7dadaba113a4521a101729ee3e6635e4412f2ccc99fbe6412d15e
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
673cfa216f5ba0d28634c396c15255f3efc2c3c4e728f7fcb41b56407541cb9d
68610359625c61aa2e38093918b75a165c1a78a4ed3c3642921f5c8ba94c0f2a
6b9b214d267f4298c976a20dc278fb878fdc3350ac39e8a1cf1049841e3701c6
6c02b4d4daf27fa92211062a42b8d7dd83e3990d80aee07fdfe7b4f6ea093688
6cd3f265cd1e926f19b82899b3bf83a21490ece259b7e85f082090eb107a8887
6dbc009775d8a4b5a7e76fae1b83953e75dc7f7ee0761eeeb88d1961fceecb32
6ef04632d1ada8b45da8d49e5984c219ad10c08e6d685e3a6456d9f07210289a
70549240fea1a10a4c0ec5804693af68a23eeaaff15c9cd1883c0138c81847e3
706a5523eeac69381f3635cb15a7b5ff041d55ffc5ebe0253419f7950edcd612
716fdb79ea3fe7056262464bc8380ef4a87bc5c75938d7b9a5d5ee2fb0fb9985
7338037a78e312f2b3b0473ed62acc9ee7514b6e99ce381c089a9b0d963f9f61
7340770b65ecbf03f94060537bf67564e05ab5885a262d38ec4905dbf3033dbc
752b584142bd8ce13218ba3a53bf07a89b9cff2f0cf001d6b396b35df335c5a6
7709b9132cd6a50ee083aec4e56d3388916469afd3aeac0064d64a31936cf1f8
779154b7d164b359fd271d3babb7d4eac4f48c49a978ec0a6e0a3f646056d13d
786dbb4402793fadd0112db771392a0509ffcb2806545e94a879af9c6d87415f
78fe68edd6f28d382f52ab19c62cae9f096b2b2e1e2fa7952c531186d95291be
790469469c3c815fb0dae21a7c1894b33a7dd8670e7ddb0772d22757f8d21ed3
79511e5605bf7f53e53622590df7b0a3be3d71060245e4e0bb0f4f6c592fea85
7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf
7c4eb1eda1edf90f16ace085613b0d3f9f37eeba7262dbc7211da5bf2571545b
7c8c8c252bcb7dbd7b9d4fae55c94cac462f93424a2931275b56bdd6cea16f77
7caa1a4cea451e2f1b8cdb1be6b779f9deb415e39a1217c0d77f7171527d44fd
7dc6e59e6d2c07ac5e1238d9461fdd53c5c7bf979f1d5cf2b989e3e2ef01922b
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ff54649bbe95ec97784ba6c62172f53c2939985936f8e0ed84b8f6940f5cf1c
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
810c2f4d788fbb9c2d4ce33f11faaf1a3f893f613129d60e804701519bc5895d
8173bbb70e6904d8def54217677c3aeaf9219c69083c68a1f9e1993124e245fb
817ad1c88ae1ef0741c72562ab042c8d7d5d01dfd84e2f58c297e92f2526e193
826ecf6b30d3cdbbc60b46b45c68dfa563a4a99c8611d88b69d55175c10a7030
829662cc52240122d1768b349a9cbb8c2918836bddac167596b9c3d303937d7c
82f2949ba83bc2ae729046af34a2b9344f313e665ddc32041da2346cd0d56403
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838d62ecfee5112a90fa736246a6b34bc008eb37df0443e118472210bd278f10
84d2dac16f1b22edd37d7a8b907e8930c580e30ec97860ba98973b16809f8b6b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
850692e8bb0d9821e1312a461f1db53c185e027d92a1668fcfdb4af8eae7fb34
85757a08415eee91b4dcbcfd8af467df2779c49496a1bb8dc5f8a6fb93c73327
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b13335b5f44be68fee7ea4003e3ba58badaba5c822d8f34d5b463cb74fea8c4
8b4922682c486757fba6e61a4b59a948213adb9d1472c2a02c65c1cfe4988027
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e190a4d5edc1e768529b868e650ceea914c8329d7083c5af4c6b27045b10a72
91429781002e9d73f65d83c61cb6642a63434b916a7fa6d672763cf34858ad67
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
932376e026d5cf24ae61b65e0e0598e52fc850214a030a5327e7bd1eebad99b5
9482979abe85aef8dab69780f1a56c645c85e8a31f4f513f4094ce28a82e61ea
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
9841c9163bf0b6771b52553247b66654474a58821e5f41252d88e04a654a8631
98a6f5b06a93432ff3190c9ea2dc378082124bbbf6a2c4f150bfdca8a5e62080
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99a0a089b22c99373fab251c457588c805f98c3aa5ab6bd465ab5a244c0e0e49
99c02df117ddd61aa9ec99a89d6145c18ca62e49bee6c48de0d4bbbdb4977442
99e6ad57587632a7718dac73fed9b80cd0a14a993e90bff4fca15809e855d6db
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9b79e63f551b30b12777d502b278df45b63d3f753dc4cbdc21c660821dd338dd
9c3a7d243ce4564a03a00c6a4fcf493f2ba825bc61e02d4b349cbc421afe815d
9c483f99a9fd7d350b37e80ac52a094003ab750e90200f215eb02c3b143f5236
9cc5654e7e6825c3971349c841d2fa05fe2fb7329b1a3c9dfd1b154145ddad1d
9d5579d2ae226889e9cc592035a86cbe20c570edbdeb6394ec7ebc23c4246571
9e3c3c9dc24c88ba3faedd92493c57fffd88212868425c2d92895d7ee0fb1392
9e7579367a2a4c346b6236847e14055c544ec5ac6d3481a8d1539a7d181d7b4f
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9fe53095d8381a3ffa7042a8cf71204970cb81a0898c50345f821f5dc289ac3a
a021b71662ab222a630cce422661ffc3720da672bcbe8d0c9dfd354eb4d408f2
a0ea6e68f289976303b5b7d9287722d6b904ab62269f5a251a8af0f7dd962f41
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a620d0cc0e199b13300d4e785ec1a202189fcca6d647dff49611c5513cf419ad
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a748f4a8cbbeff59fe143223a5fc0e594c7fceacab61ea5fd3b04a71ae0f020c
a7499326855f1841dc86eb71432203075701c8548b083cac74ead0424f5ec54a
a803e3a1c1ab2d68c8eb2f1923be5112796e3e96317ba1e2e39d6daf1bea5f43
aa4008560304bd545cd264a4347258ed3cbcb6bedf27d7eca5437862e51a32ab
aa77d8784f46048567782048999c07fe3246a1e5eba25c97a965f3aabc278876
ad167bd04c5cf49f4c4751e022e7c96e0ce36c9a2c3deb0a74034d532e0f8b97
ae633993bc7b3cab03ed1c6c815522b7cfeb0b8d34cbd1d97526220fc758b8e3
af0113554bc3983c2c432995ed8a4b40cfa2331aa3eb77ac2a89e5cdcfae6773
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22737ff0cffbc4224eed81781e00c9eb3a242590c59a3c14b11ed5bae83a6f1
b229178c427913473e75247e0e544c7f85e59bb0883e3489fe932d708ab17acd
b2b7bafd31232c42f36d79f7976ea398d31e14f4dd80dc43614739cada6a1e93
b2c5b702ab3a83e3c2f07ea6376fbe989bbce06ad18dfcbd58f0460a0de33c9e
b3d08e25aea4cc819f13ed7ac9e89a5739c637fd55415fdc36e23fdf93c6869e
b3f915fc4d0a6193c5009ba3f1e6ed7e3ceac82574437f0df5df606c1dd4a4ae
b4a06476a8abb5d0cb26b19c9bff44a17ff6519e41a81312643e3ca4d15cfc06
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b98c8f3aa7cc2835be32fd3a1488ba31a3de35a3fa0dd643a092c2846c613017
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
bc6dd978e70894c8a0148e6806f4fde9566ee59349adb03c02a61a3b2e25b6f1
bfa9fbd00dd4368ee0d40975dbc5facd898fba67a371b49ed6b4eb5330b974c3
c0f4d59a0df83674183511b8781272fd09eee7506beb84429afe69fa93323d27
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2c61ca92609ea007f3659302839b9b11eba97287f9f60e8ab489190cec8f902
c35415f557bb6ab4551cb5c992c77c49478af6b6e186a1749a876090ba3c30c8
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c6ca62f78e9bff74cc165d26f88bd40852ae09eac3417e4224b2a9e830da1c41
c6d0c93d7514f73786c24f52796a28968663cf9fc464bbc5548232e401fc8e28
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca2285b1d2e8ebdecd84c81461a6a021d65782d63fe643ecdd37298dc22cfe16
cc8d764e3a3726365336394866c72123fcfb7ea43fa95ff0106b459b8cd4dfa2
ccde6bbe19344ed2ad02ea2b39df745c25378d76b38164ec6d8061b65e74f56a
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
cdb55c9a09a8dc39b8f6984643170cf7e0838a6e718b2bf7dbdabc09505c8d6a
cdc80cdeb5775fb23ae21bb0351810b03f776bbe41ef46e485fc475390741510
cdd45a27aabbc48aed2c2a1128e0aa5908771f813ed1a23a9256799a154c00a3
ce7047f1978917a3b97a424026182cf9eebcc488c8019f0fc85bc2acf78ecd70
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02c02e4a59298d6915800037770611a1d639012e50cea38bb71c04c7f4da463
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d269382ba228b3bc5b80cc2db93ccb9665e9472f6f9ca7959b9267f8e2ba4cc0
d4aa78cdbdb8d32c7f93590c7f4572a2f93c25cd7f0d5f87c01d86e4c22b181d
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6c529fbb8a14ddb7387eb0e2f4da69c654beb3067b10fa89bf576242d7b1f37
d6d53f4a021dfb5e412025170d987e10393ad72bcb079bc258bce73691edc1a1
d749dbed0c3aa0d6e712f6ae447b94e084671981a141b40a6243b306e21caf27
d8c30dd4a324db3318cea60fe7621b915fea65f2ef3a9359d2f1d17d109d71ec
d8c374cd2f617957c132d99428d99c041cbf5367f75f51a3b0f499bd60f84849
d95fb7c3d8bb1de34f1b1c565ee48f6c981fb3eef7b51e235a843445a5bac4a5
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da678728397e067457dbf41846492da5c0a4182a62ea14d4399410f47ba5d881
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dabe089fa606db7c6c7c06ce501499c0c51cebdeb292efcff4b842ec61b4233c
db25946eb9d952c737a9e2c1e5d5f68ad0912dc060aa0ec353dd13d3c24dd542
dd984fafb4fcf853c270e5143c0c48475576d8100cf725c3a483571d06d81fd9
de12938507eb047e09dcdade80cb64e7a7024e157e33882d9eb8c48c9ddc0d56
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e043bbb0ec44dfed5a5eb8f4cb5a4441668886d2aac49f9c2a739c57a875e241
e11547b9a42b6984c261a24fcccdeba22e81b647e21f9b98628264b31c5d10da
e209f440ca75da896569871dfe10c5dce2175e276b369d3bb6357ac10db4cede
e2e9e33017d1e723b736537f9a4fe46a34e02ba1d58950c2c92c6a7a844351ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d8e7da5fa8f3002ba6683298d19271ab7f53fd433f654cba9b7db6362bc18f
e68456fb8d6a4762b1941c585e43ea23a8e86915e52b8e6eda8f33dc64d5a111
e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea
e6c707723cda650cee5b1dfa1280562ae1c4c6aee9cd472e9535657ec36b91a5
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e90744876510c3d30951a4f1a14c6b292a2e9fea3ec084eebb55717f928002a9
e9817ff441c7044f2d126a3e12b02f624bd2fff669e3f6092d9c92324313df13
ec3f68c2b1e10acdfc6f1016a92486c277d3bd573f1b9a80c89d1d2b226f348c
ed7536590ff2747730fd1e56d51d14ec4f8fc2edf4d5980073c69261cc87859c
ef0973cb3b18ff0678552fa5b096b415333fda69203912fc483394c2685e19a6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05b6f9877fc4a3f9b4587aba72a9c63c60ce1e26398993498187816366de818
f25c4a9b5af7edc461eb740f40fdbad0147ecd53a915669652feac6726d33b2b
f6a71c76c6d34f5201c3b26374e98fd8bfdefbaad9bb18a20cb938e118478139
f76830db36da1e3edc43f963d9f7e85101bc32a84fff6bab3779edb0fcd0d4a8
f880ef6584845869e5d81b2960b8eb81ec470b88ea8859dd75a2ef80f56fe8dd
fe2a65a27c2144767b1cc6325cd36538f531cd2cb2b7784644829ba54537093d
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff4790d21d59f482ed9347c8abce6254ad549e877bdf624c7e471b443d7d407b
ffef300615d351a8d348d62a6a33e175b1f43439fa08656f3d542b2e8b869918

www.zahav.ru Open in urlscan Pro 143.204.98.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

356 Requests

98 %HTTPS

34 %IPv6

51 Domains

94 Subdomains

71 IPs

12 Countries

4911 kBTransfer

10362 kBSize

37 Cookies

140 Outgoing links

Page URL History

Redirected requests

356 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zahav.ru Open in urlscan Pro
143.204.98.65 Public Scan

Screenshot
Live screenshot

Full Image

356
Requests

98 %
HTTPS

34 %
IPv6

51
Domains

94
Subdomains

71
IPs

12
Countries

4911 kB
Transfer

10362 kB
Size

37
Cookies

356 HTTP transactions
9 data transactions