urlscan.io logo urlscan.io
SecurityTrails logo

updesa.com Open in urlscan Pro
194.163.42.108  Public Scan

Go To Rescan Add Verdict Report
URL: https://updesa.com/
Submission: On March 06 via manual from NL — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 10 domains to perform 59 HTTP transactions. The main IP is 194.163.42.108, located in Singapore, Singapore and belongs to AS-HOSTINGER, CY. The main domain is updesa.com.
TLS certificate: Issued by R3 on January 21st 2024. Valid for: 3 months.
This is the only time updesa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 194.163.42.108 47583 (AS-HOSTINGER)
14 142.250.185.66 15169 (GOOGLE)
1 142.250.186.42 15169 (GOOGLE)
1 104.18.38.212 13335 (CLOUDFLAR...)
1 142.250.185.227 15169 (GOOGLE)
5 142.250.184.194 15169 (GOOGLE)
13 172.217.16.206 15169 (GOOGLE)
2 142.250.186.162 15169 (GOOGLE)
7 172.217.16.193 15169 (GOOGLE)
1 172.217.18.102 15169 (GOOGLE)
3 4 142.250.74.194 15169 (GOOGLE)
3 5 172.64.151.101 13335 (CLOUDFLAR...)
3 4 185.89.210.46 29990 (ASN-APPNEX)
1 172.217.18.4 15169 (GOOGLE)
59 15
9    194.163.42.108 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv141.niagahoster.com
updesa.com
14    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pagead2.googlesyndication.com
1    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    104.18.38.212 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.polyfill.io
1    142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net
fonts.gstatic.com
5    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
13    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net
fundingchoicesmessages.google.com
2    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
7    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f193.1e100.net
tpc.googlesyndication.com
1    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net
s0.2mdn.net
4    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
5    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f4.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
21 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
381 KB
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647
www.google.com — Cisco Umbrella Rank: 2
74 KB
11 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 562
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
50 KB
9 updesa.com
updesa.com
640 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 631
4 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 256
4 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 321
98 KB
1 gstatic.com
fonts.gstatic.com
10 KB
1 polyfill.io
cdn.polyfill.io — Cisco Umbrella Rank: 3336
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
716 B
59 10
Domain Requested by
14 pagead2.googlesyndication.com updesa.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 updesa.com updesa.com
7 tpc.googlesyndication.com updesa.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net updesa.com
1 www.google.com tpc.googlesyndication.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.polyfill.io updesa.com
1 fonts.googleapis.com updesa.com
59 14

This site contains no links.

Subject Issuer Validity Valid
*.updesa.com
R3		 2024-01-21 -
2024-04-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.polyfill.io
Sectigo RSA Domain Validation Secure Server CA		 2024-02-20 -
2025-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://updesa.com/
Frame ID: 1CD69480017A70C3EADE44A0AC586C57
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 56BF2A226D39879CED820F685951EBC2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&adk=1812271804&adf=3025194257&lmt=1709533863&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fupdesa.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554313&bpp=5&bdt=811&idt=667&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=989562415044&frm=20&pv=2&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=684
Frame ID: 7F95DCB57EB957D8B4C3C5D770024A30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Frame ID: B697F1351FD1A6F0053156F84E0BAC44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=1692014915&adk=4069779367&adf=3610118697&pi=t.ma~as.1692014915&w=336&lmt=1709533863&format=336x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554319&bpp=1&bdt=817&idt=700&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x280&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=703
Frame ID: 5BE81369A8E66E60B8D41C089530DCC0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjoVhCa4vMCGOnRiYcCMAE&v=APEucNU2SDUrorxPSZWr3pW_6vRGDOqRnp_WAttrYRK0-vasM_4VVJOzvnOXS-E1kIeB4WLVS3Te0tilZO1Fq2qx5umVDyxX-Q
Frame ID: 5EAD936C57496277B5CAC9CF17B7576C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240304/r20110914/abg_lite_fy2021.js
Frame ID: 3DD594A3A178A1A204A8E91E62E77CC2
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6BD405D51229A4E7236BE1D2063EA058
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FB7A570A42BA68D593C943295766A9C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CDC00EFBB2DE300C026DFB70AE3BEA1A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Updesa - Maju Bersama Desa

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

59
Requests

93 %
HTTPS

0 %
IPv6

10
Domains

14
Subdomains

15
IPs

4
Countries

1255 kB
Transfer

2349 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9F-7E4RC7ginDRiEm95mA&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9F-7E4RC7ginDRiEm95mA&google_cver=1&C=1
Request Chain 29
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZefG64sFVT4AAA0EAA..oAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENCTpBLmdcH7AL3xiLALNwo&google_cver=1&google_hm=2
Request Chain 30
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJj7onvxHXqBYq01_7eCbp4&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJj7onvxHXqBYq01_7eCbp4%26google_cver%3D1
Request Chain 31
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MTMyODA0NTQ2NzM4OTQ4MA%3D%3D

59 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
updesa.com/ 		35 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
7d83c069e183cfb4c79890cef38998ec72ce76184230a9c3123443bce23cfe2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-length
8624
content-type
text/html
date
Wed, 06 Mar 2024 01:29:13 GMT
expires
Mon, 29 Oct 1923 20:30:00 GMT
last-modified
Mon, 04 Mar 2024 06:31:03 GMT
pragma
no-cache
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918140119940916
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
34fffdfedef06bd61dffa85317463af59bc444adc04a1207e71da53b481f9c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
Origin
https://updesa.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51274
x-xss-protection
0
server
cafe
etag
1991570097069155969
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 06 Mar 2024 01:29:13 GMT
css2
fonts.googleapis.com/ 		402 B
716 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Abel&display=swap
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
06173c7a47216b2032a5caff35acf38ac5b8b6d1499e757c70c1b4695bca79d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Mar 2024 01:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Mar 2024 01:29:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Mar 2024 01:29:13 GMT
9mpjq.css
updesa.com/wp-content/cache/wpfc-minified/k9vyqf9i/ 		107 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://updesa.com/wp-content/cache/wpfc-minified/k9vyqf9i/9mpjq.css
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
8ea6992a69a092e9ef8e2acfef3cc3042c51234e560af5b5faf0f9282260e7ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 04 Mar 2024 00:27:26 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
content-type
text/css
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
13439
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
9mpjq.js
updesa.com/wp-content/cache/wpfc-minified/9htofiz8/ 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://updesa.com/wp-content/cache/wpfc-minified/9htofiz8/9mpjq.js
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
603c583d288f447761f09d7635cecf6844f421af4e95d066c13a4f196faa870a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 04 Mar 2024 00:27:26 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
33411
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
tujuan-pembangunan-desa-100x80.png
updesa.com/wp-content/uploads/2024/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://updesa.com/wp-content/uploads/2024/03/tujuan-pembangunan-desa-100x80.png
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
f0dda16cb23ecc6ecd198412fa313531b1ee913ad8ce50f3a3baccb381aba49a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2024 06:23:40 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
11656
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
tugas-panitia-pemilihan-kepala-desa-100x80.png
updesa.com/wp-content/uploads/2024/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://updesa.com/wp-content/uploads/2024/03/tugas-panitia-pemilihan-kepala-desa-100x80.png
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
e4d3070398c61367c6ba566fa750caf1b940dc263388ff7588c19778f1bc20ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Mon, 04 Mar 2024 01:32:35 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
12407
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
iuran-pbi-jaminan-kesehatan-100x80.png
updesa.com/wp-content/uploads/2024/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://updesa.com/wp-content/uploads/2024/03/iuran-pbi-jaminan-kesehatan-100x80.png
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
62bcfaafd3e44e68755a2c0862d9fa1666f3ec0efe2ba2c475a414da0b196ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Thu, 29 Feb 2024 18:43:15 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
content-type
image/png
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
12967
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
js-mainmenu.js
updesa.com/wp-content/themes/Updesa/js/ 		399 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://updesa.com/wp-content/themes/Updesa/js/js-mainmenu.js?ver=6.4.3
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
25e63f202713f66bb95ef090656078114da98fadbb52e0e19ee67dfbaca79101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Wed, 14 Feb 2024 15:08:57 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
183
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
polyfill.min.js
cdn.polyfill.io/v2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver&ver=6.4.3
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
lazy-load-images.js
updesa.com/wp-content/themes/Updesa/js/ 		632 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://updesa.com/wp-content/themes/Updesa/js/lazy-load-images.js?ver=6.4.3
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
92e68c05a0150a7151561ee32a6d838ce3afeb6d1625831f859e33a519fb5b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Sun, 24 Sep 2023 08:34:24 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
Accept-Encoding,User-Agent,User-Agent
content-type
application/javascript
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
275
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
MwQ5bhbm2POE2V9BPQ.woff2
fonts.gstatic.com/s/abel/v18/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BPQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://updesa.com
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 08:56:53 GMT
x-content-type-options
nosniff
age
59541
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9588
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:29:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Mar 2025 08:56:53 GMT
syarat-calon-kepala-desa-tahun-2024-100x80.jpg
updesa.com/wp-content/uploads/2024/02/ 		548 KB
548 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://updesa.com/wp-content/uploads/2024/02/syarat-calon-kepala-desa-tahun-2024-100x80.jpg
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.163.42.108 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv141.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
470a454297fa8c7bbb372dd9f782d2c728b8ab6f2b51315717e82d78a018377c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Wed, 28 Feb 2024 18:06:55 GMT
server
LiteSpeed
x-powered-by
Niagahoster
vary
User-Agent,User-Agent
content-type
image/jpeg
cache-control
public, max-age=10368000
accept-ranges
bytes
content-length
561103
x-xss-protection
1; mode=block
expires
max-age=A10368000, public
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/ 		405 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918140119940916
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
f2d02832f972d62aa43bd8a18d94193f7cf16fa1936aac79474b15a82b768a56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140440
x-xss-protection
0
server
cafe
etag
16480287866972002579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Mar 2024 01:29:14 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/ Frame 56BF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240229/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4918140119940916
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

age
59736
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Mar 2024 08:53:38 GMT
etag
5035419970550746386
expires
Tue, 19 Mar 2024 08:53:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F95 		3 KB
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&adk=1812271804&adf=3025194257&lmt=1709533863&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_l%7C308x810_r&format=0x0&url=https%3A%2F%2Fupdesa.com%2F&pra=5&wgl=1&easpi=1&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554313&bpp=5&bdt=811&idt=667&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=989562415044&frm=20&pv=2&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=684
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
d8d1f4953c216b6594b970dbe909a2a9000f5c654123b92e43c37ca9dd2bc9c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
580
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Mar 2024 01:29:15 GMT
expires
Wed, 06 Mar 2024 01:29:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B697 		101 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f56cc47042cf152ccff97a66f15767214b58cebd4b10af86c51a4cdca9339afa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
43375
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Mar 2024 01:29:15 GMT
expires
Wed, 06 Mar 2024 01:29:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5BE8 		844 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=1692014915&adk=4069779367&adf=3610118697&pi=t.ma~as.1692014915&w=336&lmt=1709533863&format=336x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554319&bpp=1&bdt=817&idt=700&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x280&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=703
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
28d1971e43e505ccd26fcd81810b0bdd08008d391585f67eb98d5bc5545773cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Mar 2024 01:29:15 GMT
expires
Wed, 06 Mar 2024 01:29:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-4918140119940916
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4918140119940916?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
d08d24de6c72a8b47d0fbf9c414752f66497a2253792710144aa0d8a77176f4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sy-CQFz5dcoAgmutTwK0qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-sy-CQFz5dcoAgmutTwK0qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmLw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTD8bp3_no2gRuv5rUxAQAHpS2K"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5EAD 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COjoVhCa4vMCGOnRiYcCMAE&v=APEucNU2SDUrorxPSZWr3pW_6vRGDOqRnp_WAttrYRK0-vasM_4VVJOzvnOXS-E1kIeB4WLVS3Te0tilZO1Fq2qx5umVDyxX-Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Mar 2024 01:29:15 GMT
expires
Wed, 06 Mar 2024 01:29:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240304/r20110914/ Frame 3DD5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240304/r20110914/abg_lite_fy2021.js
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 00:58:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
1866
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Mar 2024 00:58:09 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240304/r20110914/elements/html/ Frame 3DD5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240304/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:12:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
1000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3206
x-xss-protection
0
server
cafe
etag
12640889860211258669
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Mar 2024 01:12:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3DD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf7Q0W5SioOGfFs9yS2rTz_oknBFwWkG1K73o5ucciChxMDTehvlI6Bj5GTsa4ZODVk1IRCsuGGIlTfwE1IEClePCProwmuYbydavcvM9V7zGF_tQeLwdly5jdmwpccLHnjCIEnBRDRFyfjtw5Z7exO9tmC6VhkVoN2RDMBkcwSuAATsqQcNa4IiRS79RB4puDYaLr4gF7tRqDnaTsclxSNDQq_hkAGa7bsxR2AL1V9xDD82kCgs_6s2APzT9iqeZmo64I0PpURCE22pskaDgePT8fD_SyJF8C26coWUkdbMuJnvybmFieT65AnYJMawhvQrDpALt_zYfF_fb3lKlE9H3T9Cx9FCskKY1Lyzcn22GZ7YMDeMScJsts3HtmDnSvRKYNh95nUw19asNEBm5eHni4tlOYgIwjmMErZKJWHS4IJTT-Ty1bKMoMp4hQyM-cIqzWZsn8Mon4AVvGfM2lUZt2UyTL0i2URaRj1pcxpHn-ANHWfSo5IRcWYPvklNqUiWwosyaME-abmlxd3ZYzpUfKoP1_RIUd-u2vx9LCzxKwovFsMUYQqsGNUH41PJm0Qpgudgc0vu7t3gaWvb0-8CaJT1nEWOG4B23fI2GYkq6_hw9EERzjoBMxZoekYmeDymL_UdBJBxa-TeK9SMOCk70a-KxFTk6r4TlncEZwWC4bCWfZjQCVtg5kuJK-u1Ll1kHVNYOk7iNIQAUO7tiSCaKISayPIvo6CElS6r-ZhOFLRY3PAJhLl19peSdRb9ABQFwBTQDizE4MzGukGwp_Scx7dcJDqZKyLRJcHRPpOL5BCGqrBNVZi1tFbd98nVpay0lLwtYCfMJrw_EFQsg9qzj6w9gEZWKRf1sQt_tpvSO4LnSC6YXPC4Pg2VLZjpPNtH0b7nAvx6A-aaxmraWdPQhiuH5_Ja3OjZwyo4EdcWYM8btZFfMHEWGcVjjYj8jksP1mGRfY4Ed2CWYtJxpolviR8K-PcTgtY5oWbVUe4jrQuaQPiS-mq25aE6ix0MQ06UERM1ydbLctKzfd57a8XRNSmGBHqDXIA7tycJOqvuu2ztEoUJso-_q1LrAv6vUM2roCCS1XBLdza73Cjf4Sa9FN8rLedRmMJkGn_8cLQXaU_gLnWxbL12rd9LQxIdE3Kaiv1j4GIM7R9EzSRxPXUaxuXp0mbx3gxKzhUffK0l4Q7KXk1t2d_mP3uZKu3v8vbM4Q7mdnf5_XHKQlrJSv0AcvijwXUW5bdcZuDejIfcm13gzCbluELQw7snR8gtH0I8Jma5c7GmamklUCE0_Snid7LgNAxKwj2gNegogrRnBlnoUwM7_y3wVrsoLeAkt3ED3M0N1HTg&sai=AMfl-YR3S9q42NcOd-E0qb7L8wYhnTTizjjswVkOWHMsCd8qcsxU_CMlkuKL2t4Y_3aGJ3cXqz3LYDWPC-HMarZlVyXuKccCnBxKcIvx6ULA4I01NW5OH6xnt8P8Rr2kYo-a0jCgVPT1rfPTVTDUNbvi6J8RsceF-SMDrGjzodIJcLlSuXXEcxZTYxEw35cSml6QDYY1J-0Mrli9-CwOqTurKzJH7u1EKuXKbciRE3zyPG_5k-sPoIUofJrLpgMDsJSJzQTUxnCe_fZbtwlDhgtI0RRZCboqJcnFF7KPr_c0wpPbKwKmJ6MEqneg5KeqsVxNec22Jx0vSR5EKQkm6fPonodiJ15nNv8eS0CheObWkAggS5Gtzhv3nbcIomUroWMrHvAgUAaYQESzQ6emhnr54fNOPfavrrG3B1ZiGmJDz3vkX--UNChquJGmNR89Z5dhC1muJBE9OsWnuJ6o3Ibo2fDE-xUnSlod_oxBxOzDRwqTml8p0OPmqVc&sig=Cg0ArKJSzPnaLedLQxUrEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20240304.10106&arae=0&ftch=1&adurl=
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 06 Mar 2024 01:29:15 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 06 Mar 2024 01:29:15 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3DD5 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 21:38:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
100250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Mar 2025 21:38:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240304/r20110914/client/ Frame 3DD5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240304/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 00:51:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
2294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Mar 2024 00:51:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240304/r20110914/client/ Frame 3DD5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240304/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
cafe /
Resource Hash
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 00:51:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
2295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8212
x-xss-protection
0
server
cafe
etag
9277691884081322989
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Mar 2024 00:51:00 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3DD5 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 00:53:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
2133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=windows-1251
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Mar 2024 01:53:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DD5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dw_Erk9FTNLJMGQZqnNOLOf5k5_ySNVwvQHP65nQ1PvCmUvgUEY1GlYmK9hIOp99O-hpink32gXAeIm5zt3gn_sPMs-zhrw5fO5XJcNmkhHuwUhIs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3649792903837572260
s0.2mdn.net/simgad/ Frame 3DD5 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3649792903837572260
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
sffe /
Resource Hash
db6aa7c1e04bcefd58abfb5fe1fbe9a0f1a3957a97743e67ccd19bb7ca4dac9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Wed, 05 Mar 2025 00:20:54 GMT
date
Tue, 05 Mar 2024 00:20:54 GMT
x-content-type-options
nosniff
age
90501
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100161
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 09:57:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rum
dsum-sec.casalemedia.com/ Frame 5EAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9F-7E4RC7ginDRiEm95mA&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9F-7E4RC7ginDRiEm95mA&google_cver=1&C=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN9F-7E4RC7ginDRiEm95mA&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjoVhCa4vMCGOnRiYcCMAE&v=APEucNU2SDUrorxPSZWr3pW_6vRGDOqRnp_WAttrYRK0-vasM_4VVJOzvnOXS-E1kIeB4WLVS3Te0tilZO1Fq2qx5umVDyxX-Q
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsmaxHJDuKC16r4aQfHbbA7ySzhWedd1%2Fq7tBof9t7y1qNZpxxpHDThSC7BiGmDN8HHAs9SWYwarRbIIiWsKIWGBq1CuP1wu%2BWVUIfbTAK98mJ1ZR4jxqVzthJffOJZeJR0szi41yB%2B%2Blg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85fe92e45df5e3cb-TLV
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OuxqqlRG1fyYy8RYZajZe%2BHFvnFc0EBG%2BXhCugn2gVJ%2BGFTP9qsh4jbgYJ35mrvt4KtxJZVFaEXjMQhv8PMxgiz4KLhz8m1Dex8FX7AA0AzJo6o9bnSp4OvIvAalCI5jhseG%2BxrjpziBYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEN9F-7E4RC7ginDRiEm95mA&google_cver=1&C=1
cache-control
no-cache
cf-ray
85fe92e29eb4e3e3-TLV
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 5EAD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZefG64sFVT4AAA0EAA..oAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENCTpBLmdcH7AL3xiLALNwo&google_cver=1&google_hm=2
43 B
729 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENCTpBLmdcH7AL3xiLALNwo&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjoVhCa4vMCGOnRiYcCMAE&v=APEucNU2SDUrorxPSZWr3pW_6vRGDOqRnp_WAttrYRK0-vasM_4VVJOzvnOXS-E1kIeB4WLVS3Te0tilZO1Fq2qx5umVDyxX-Q
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kECJNPRY11P0YV2M3cBzIzQRtg4ezRqM8i8yaWycH25uIe2i56zM3zHV26loDT8xUm8FjyJ2BbCJiONceFa%2FNK%2Fj34alHdjF6tjyEe3d5MBf7ZnXaawW9IAIgAcck8hNHhUqsPYRh043ew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85fe92e56f67e3cb-TLV
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENCTpBLmdcH7AL3xiLALNwo&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 5EAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJj7onvxHXqBYq01_7eCbp4&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJj7onvxHXqBYq01_7eCbp4%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJj7onvxHXqBYq01_7eCbp4%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjoVhCa4vMCGOnRiYcCMAE&v=APEucNU2SDUrorxPSZWr3pW_6vRGDOqRnp_WAttrYRK0-vasM_4VVJOzvnOXS-E1kIeB4WLVS3Te0tilZO1Fq2qx5umVDyxX-Q
Protocol
H2
Server
185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:16 GMT
an-x-request-uuid
a17e8fd6-3e9c-4f19-868a-e959c6914762
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
31.187.78.241; 31.187.78.241; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:15 GMT
an-x-request-uuid
14d9111e-6872-43d2-8870-c6d654943683
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJj7onvxHXqBYq01_7eCbp4%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
31.187.78.241; 31.187.78.241; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MTMyODA0NTQ2NzM4OTQ4MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MTMyODA0NTQ2NzM4OTQ4MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COjoVhCa4vMCGOnRiYcCMAE&v=APEucNU2SDUrorxPSZWr3pW_6vRGDOqRnp_WAttrYRK0-vasM_4VVJOzvnOXS-E1kIeB4WLVS3Te0tilZO1Fq2qx5umVDyxX-Q
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:15 GMT
an-x-request-uuid
56b7d45c-bc09-4f67-8890-9850a5ef3743
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTg1MTMyODA0NTQ2NzM4OTQ4MA%3D%3D
x-proxy-origin
31.187.78.241; 31.187.78.241; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
AGSKWxVX3e9IkDx7IAySZTbjG7eY--UoyhtAUIYs5CcmjIgiPkB8BjQaqzwfVzh06rUaIauezVCAG6JNGJpsi2hLsRZuYAK9vej4kxc2pIIKEnPxAeX350Tne2O991z5T007xotFZv6Nvw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVX3e9IkDx7IAySZTbjG7eY--UoyhtAUIYs5CcmjIgiPkB8BjQaqzwfVzh06rUaIauezVCAG6JNGJpsi2hLsRZuYAK9vej4kxc2pIIKEnPxAeX350Tne2O991z5T007xotFZv6Nvw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5Njg4NTU1LDc2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly91cGRlc2EuY29tLyIsbnVsbCxbWzgsIkY4OFhiaHFMb2pRIl0sWzksIml3Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
995ad023080529f36f0e9b71e99661c5696bc2aff5ad3cda005768365835a391
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r1ChCc7DAlKVU6CqFTrBrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-r1ChCc7DAlKVU6CqFTrBrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw1ZBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTD8bp3_no2gY6T76YwAwAGMC13"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3DD5 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46c755361bf9d0cb07eda1d516c7ebfdf4123edb5dc717f738c385d4e996c073

Request headers

accept-language
he-IL,he;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6BD4 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

accept-ranges
bytes
age
125237
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 14:41:58 GMT
expires
Tue, 04 Mar 2025 14:41:58 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 3DD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssf7Q0W5SioOGfFs9yS2rTz_oknBFwWkG1K73o5ucciChxMDTehvlI6Bj5GTsa4ZODVk1IRCsuGGIlTfwE1IEClePCProwmuYbydavcvM9V7zGF_tQeLwdly5jdmwpccLHnjCIEnBRDRFyfjtw5Z7exO9tmC6VhkVoN2RDMBkcwSuAATsqQcNa4IiRS79RB4puDYaLr4gF7tRqDnaTsclxSNDQq_hkAGa7bsxR2AL1V9xDD82kCgs_6s2APzT9iqeZmo64I0PpURCE22pskaDgePT8fD_SyJF8C26coWUkdbMuJnvybmFieT65AnYJMawhvQrDpALt_zYfF_fb3lKlE9H3T9Cx9FCskKY1Lyzcn22GZ7YMDeMScJsts3HtmDnSvRKYNh95nUw19asNEBm5eHni4tlOYgIwjmMErZKJWHS4IJTT-Ty1bKMoMp4hQyM-cIqzWZsn8Mon4AVvGfM2lUZt2UyTL0i2URaRj1pcxpHn-ANHWfSo5IRcWYPvklNqUiWwosyaME-abmlxd3ZYzpUfKoP1_RIUd-u2vx9LCzxKwovFsMUYQqsGNUH41PJm0Qpgudgc0vu7t3gaWvb0-8CaJT1nEWOG4B23fI2GYkq6_hw9EERzjoBMxZoekYmeDymL_UdBJBxa-TeK9SMOCk70a-KxFTk6r4TlncEZwWC4bCWfZjQCVtg5kuJK-u1Ll1kHVNYOk7iNIQAUO7tiSCaKISayPIvo6CElS6r-ZhOFLRY3PAJhLl19peSdRb9ABQFwBTQDizE4MzGukGwp_Scx7dcJDqZKyLRJcHRPpOL5BCGqrBNVZi1tFbd98nVpay0lLwtYCfMJrw_EFQsg9qzj6w9gEZWKRf1sQt_tpvSO4LnSC6YXPC4Pg2VLZjpPNtH0b7nAvx6A-aaxmraWdPQhiuH5_Ja3OjZwyo4EdcWYM8btZFfMHEWGcVjjYj8jksP1mGRfY4Ed2CWYtJxpolviR8K-PcTgtY5oWbVUe4jrQuaQPiS-mq25aE6ix0MQ06UERM1ydbLctKzfd57a8XRNSmGBHqDXIA7tycJOqvuu2ztEoUJso-_q1LrAv6vUM2roCCS1XBLdza73Cjf4Sa9FN8rLedRmMJkGn_8cLQXaU_gLnWxbL12rd9LQxIdE3Kaiv1j4GIM7R9EzSRxPXUaxuXp0mbx3gxKzhUffK0l4Q7KXk1t2d_mP3uZKu3v8vbM4Q7mdnf5_XHKQlrJSv0AcvijwXUW5bdcZuDejIfcm13gzCbluELQw7snR8gtH0I8Jma5c7GmamklUCE0_Snid7LgNAxKwj2gNegogrRnBlnoUwM7_y3wVrsoLeAkt3ED3M0N1HTg&sai=AMfl-YR3S9q42NcOd-E0qb7L8wYhnTTizjjswVkOWHMsCd8qcsxU_CMlkuKL2t4Y_3aGJ3cXqz3LYDWPC-HMarZlVyXuKccCnBxKcIvx6ULA4I01NW5OH6xnt8P8Rr2kYo-a0jCgVPT1rfPTVTDUNbvi6J8RsceF-SMDrGjzodIJcLlSuXXEcxZTYxEw35cSml6QDYY1J-0Mrli9-CwOqTurKzJH7u1EKuXKbciRE3zyPG_5k-sPoIUofJrLpgMDsJSJzQTUxnCe_fZbtwlDhgtI0RRZCboqJcnFF7KPr_c0wpPbKwKmJ6MEqneg5KeqsVxNec22Jx0vSR5EKQkm6fPonodiJ15nNv8eS0CheObWkAggS5Gtzhv3nbcIomUroWMrHvAgUAaYQESzQ6emhnr54fNOPfavrrG3B1ZiGmJDz3vkX--UNChquJGmNR89Z5dhC1muJBE9OsWnuJ6o3Ibo2fDE-xUnSlod_oxBxOzDRwqTml8p0OPmqVc&sig=Cg0ArKJSzPnaLedLQxUrEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=553&vt=11&dtpt=550&dett=2&cstd=0&cisv=r20240304.10106&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: updesa.com
URL: https://updesa.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
FtbRVNLeMsVpOUb8g3d6whERyhGdq73fyvogBgVrQ7M.js
pagead2.googlesyndication.com/bg/ Frame 6BD4 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/FtbRVNLeMsVpOUb8g3d6whERyhGdq73fyvogBgVrQ7M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
16d6d154d2de32c5693946fc83777ac21111ca119dabbddfcafa2006056b43b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 08:18:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
61819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20249
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 08:18:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BD4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BWAqN68bnZeu9Bb_HjuwPuYeEiAkAAAAAOAHgBAI&bg=!xcalxonNAAaCCwxOogs7ADQBe5WfOOR2YLSYocvGO32jIWmAuq_ZBdYEBRePUPgJ8HiLjMJ2d6tWqcAJgWRGIw8h747pAgAAAF1SAAAABWgBB5kDBLrSrRHrxLyAn_pIqY19pQLxGpNtxrINzdtRoZS1_b300pyoE4KY886yvJH8v5rd6HXEm1zVh6xvhXoBUUf-92FbaEVXqP2WZ_9Ui8ZSz9CncaFMd05Gk-tqkudUFsNYXmNDswfuuM-oxYxFfsldI-OYhF3UTJP-E9Zv0Te8Mj-yBm2TJZx7YpDXdLzhaMdVMym__2XEvoiXolyGcKijm38U_XN6VtNV0jH0Y75FE8cBqS8ZcEhKjskd7VG9Az28paCHBO5-z-8EXe5j-gbaQkDNfGpUxEj8A9djh9b6iLuBRxRMNZJp2Rh3gLPpWOIE9SxKUKvz-6m5jlY5gLxFz0nTMp5tCWS1TqnnuwgZDx3DYsBZuw8H423Bvv_OhXxz8HcMg3pMoPiAAT5n4hxDCIG6pDtg4kETvVJy3n48zDJxOTffNr7lNugajQXd6ZxLUQClsBDBunGSjweG2SYBA06NOlitqekMIJ6qtAX50ehrthl8Vp4HrXb9GxDfRkLzxcqzst3L3VI66wzaHV9NscFA0k0mSavUsK_Vr2Je9zlIM8-61UAbAVtd0KSnP8CDDE8lEVzP1Cb0jWMLXjgguS-HHprug9pkOpwepPHkJb92kOeNyfhixeHbUt9oaltptGE8ZfHml9cfmUXxUeWoxwF9RC4xv3T8onLYRDq8ua2Bqe5Y_rlJRbGCCfswGWO7OFiUj3aKqp0WsvciQrw_RpJlGRh5BKzL67tRo67wIgfrnl8iyiiZ1pf8wVMB5emmQniYA6SM0X7Jsb-buzn53FYYc221j24_F7dCcZz4vTCUxZpt92qydRl25eOdxLjEvII29lk4voIFVfrnf1YTClz-HWRc868RJ2RlaU1ht1G-TTpXZoPA3h0ElhXvuUF5u6kOpBwimdgRPYUtcv1tqAPdhzjYh1H3GlsWtjPtxSH-Qxpcblg-fIe5etaUEIWjgdF6ryC9EvP6F6-xsXFObOQtoyAInUQM16mhpNoOaqKIefa8dJpMqHBgfbB1tPzRWRJCphw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4918140119940916&output=html&h=280&slotname=8764320379&adk=4200600389&adf=82444209&pi=t.ma~as.8764320379&w=300&lmt=1709533863&format=300x280&url=https%3A%2F%2Fupdesa.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709688554318&bpp=1&bdt=816&idt=687&shv=r20240229&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=989562415044&frm=20&pv=1&ga_vid=556979681.1709688555&ga_sid=1709688555&ga_hid=321623906&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=634&ady=905&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31081587%2C95325753%2C95325976%2C95326316%2C95324160%2C95325784%2C95326913&oid=2&pvsid=4265832075017029&tmod=1153219616&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=693
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jamnboad.
fundingchoicesmessages.google.com/f/AGSKWxXxs7AoSF1IyOSo_a4Qop4xUkPbMxKgSGk4Unqad1B9IQzneLqsejuXfERn_aukasM7Kp9vAO9a2XYkt6RNjrcT8uxL7kDhh9QE6JdTJkQerHaD2y27nuXt4-29vzek8V9KtQhy20bvbh6SoihtjWbi5_OR-... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXxs7AoSF1IyOSo_a4Qop4xUkPbMxKgSGk4Unqad1B9IQzneLqsejuXfERn_aukasM7Kp9vAO9a2XYkt6RNjrcT8uxL7kDhh9QE6JdTJkQerHaD2y27nuXt4-29vzek8V9KtQhy20bvbh6SoihtjWbi5_OR-qsyU-xaFfV2YcW6c2-6j1ihYLHQCqZe/_/540x80_/ads/right..eg/ads//adv_horiz./jamnboad.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx_WDxI7ImNSY8mazvOH5aCRAMyQg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
0a0227a07b225cc681647540ea963633c4a1d3ede540309d0848466bd21c95fd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QaN7XwtvMvGftR-QEkivZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-QaN7XwtvMvGftR-QEkivZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmJw1ZBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pJJ4OtLJgkg1gLiHT4eLHzrprOqALHh-umskUAc83w6awoQO6XPYA0BYp_6GaxxQCzEw_Gmd_56NoEdXZsXMQEAPoMyQw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMx_WDxI7ImNSY8mazvOH5aCRAMyQg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ff1960a45c6c700c71fe8dd2a8f57127aba9acabb5d0c23a3a263ed5b81a5422
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 00:46:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
2537
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24264
x-xss-protection
0
server
cafe
etag
8613831024126762174
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 06 Mar 2024 01:46:59 GMT
AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xyZv0V7N1yEKkpwrr2BGuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-xyZv0V7N1yEKkpwrr2BGuw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1pBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8aZ3_no2gR0zLi1kBgCMoRFp"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://updesa.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-79OVF0x9lAY9yO2u-44Srw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-79OVF0x9lAY9yO2u-44Srw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8aZ3_no2gQeX70xkBgCNbRHB"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://updesa.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GvkbsJcvb_pcaRgsG3dSSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-GvkbsJcvb_pcaRgsG3dSSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw1ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8aZ3_no2gQ8XZy1iBgCM4xGd"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://updesa.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bqCEccmGrE5LN9dIMPDsMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-bqCEccmGrE5LN9dIMPDsMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8aZ3_no2gQOnvi5iBgCPEBHN"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://updesa.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV2XHTvByiX5AQ9S5Ib4aKGlj2xdGoUlqb6Zcbwa1ks9JRD9qs1_VjbZnrcFrHgW17AreXxltHfw2xytQiR0c3K3eMHmf6iw7LSonW4_g-NaADVXXQM873aNCR64e7ZAifP7IVpMg==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV2XHTvByiX5AQ9S5Ib4aKGlj2xdGoUlqb6Zcbwa1ks9JRD9qs1_VjbZnrcFrHgW17AreXxltHfw2xytQiR0c3K3eMHmf6iw7LSonW4_g-NaADVXXQM873aNCR64e7ZAifP7IVpMg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5Njg4NTU2LDY3MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdXBkZXNhLmNvbS8iLG51bGwsW1s4LCJGODhYYmhxTG9qUSJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
0d42b9b46fd2458d1b8d2cce1a2ddca4fb8605d8d5def2db399a4593b2ac201d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AlU1Mk7O5xOBwDTcC5YEwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-AlU1Mk7O5xOBwDTcC5YEwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTD8aZ3_no2gY4fPa-YAAN6LZM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dJaFbQkgXKexn6yC8FTNDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dJaFbQkgXKexn6yC8FTNDQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTD8aZ3_no2gQmnb65lBgCMdhGF"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://updesa.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWULSjfM9Rs3xoru8m_kKTiJl3_y0ACLbbJEKmWDSmvFn3-YmrIoilS3AUorUT9vLDyarZV9hSFPsjASPxO5OGsdDB2J7jH0YY-TrXg9VwMdt4SnxQLxvIClZPhUhDtYnNx29-KwA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWULSjfM9Rs3xoru8m_kKTiJl3_y0ACLbbJEKmWDSmvFn3-YmrIoilS3AUorUT9vLDyarZV9hSFPsjASPxO5OGsdDB2J7jH0YY-TrXg9VwMdt4SnxQLxvIClZPhUhDtYnNx29-KwA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5Njg4NTU2LDgzNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdXBkZXNhLmNvbS8iLG51bGwsW1s4LCJGODhYYmhxTG9qUSJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
a875fc16369d3fd88c0664672d356dfa520230f81319631c712292b294ea96dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LEi1ZuUmtPCZf9Agbmkt7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-LEi1ZuUmtPCZf9Agbmkt7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTD8aZ3_no2gRUf_-xgBgAJpS32"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXoPjYtQHcqlMMqiqV7YpOg3EVSE4unxm0P6ePkZ20Uk40TePW5VXGA6ujXEqH_R0LiGEktt97pFJrGDlDa_3HrKuD28dO6wKxuXoG4XeV0oAySWRy9iu5KjiqKFxppzDO_dL0Usw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXoPjYtQHcqlMMqiqV7YpOg3EVSE4unxm0P6ePkZ20Uk40TePW5VXGA6ujXEqH_R0LiGEktt97pFJrGDlDa_3HrKuD28dO6wKxuXoG4XeV0oAySWRy9iu5KjiqKFxppzDO_dL0Usw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5Njg4NTU2LDk5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly91cGRlc2EuY29tLyIsbnVsbCxbWzgsIkY4OFhiaHFMb2pRIl0sWzksIml3Il0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
530e01255f2d8cef17aefd7bab5308e2206ca85dbe04f4c8638d51f37a2c565d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AoDUmbMTXkTRlt4O5AeBeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-AoDUmbMTXkTRlt4O5AeBeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw05BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTN8bZ3_no2gQ3HFioDANVDLNU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUxAi4bZ71HUv3nDEEczMzAHxujg1oN-ZuHjbN7gmoUncEn4kLX4vICwVsd0yZd5TphLPJZCMeLhNx3pZYobkp68csoLO9z_VP75FtmIqJvtcJeXmX2RDGMQdeHtG-2xjJIha1IjA==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUxAi4bZ71HUv3nDEEczMzAHxujg1oN-ZuHjbN7gmoUncEn4kLX4vICwVsd0yZd5TphLPJZCMeLhNx3pZYobkp68csoLO9z_VP75FtmIqJvtcJeXmX2RDGMQdeHtG-2xjJIha1IjA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZvDiFoAvaOyE-HQIrN22Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 01:29:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZvDiFoAvaOyE-HQIrN22Rw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTN8bZ3_no2gRm7diQDAHpQEQ4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://updesa.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCrbC7kUN2-PHCZX5GGOTre3Zj4HcD7cty-H073lXfCSrepYw-2buyvee4nhdWgMLlCQxlBs-vNDr-uh_-srgTxsKL7j4bzIT6-Fd2MUnB3u_iVghsVEzF-bQqpqY4lL1wN3f1GQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.F88XbhqLojQ.es5.O/am=wA/d=1/rs=AJlcJMy1qVRwqkMd09bq5-2hRDt7jDRUMw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LK1MVTwkXV4I26G7SUNwDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
accept-language
he-IL,he;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 06 Mar 2024 01:29:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-LK1MVTwkXV4I26G7SUNwDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw05BiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTN8bZ3_no2gR-bGooBfDkRQw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://updesa.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240229&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
74125ef3e4c718839abfd466251dcffc7f1b5c2801d106e2421fda5961fcfce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12325
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 01:29:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FB7A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://updesa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

accept-ranges
bytes
age
12200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Mar 2024 22:05:57 GMT
expires
Wed, 05 Mar 2025 22:05:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CDC0 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f4.1e100.net
Software
GSE /
Resource Hash
a209c07c2e3a100d4811f29242189cc713877eba4dac94bb3d149af054847d8c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IRCkpD21N9Br4sV4ZaNz3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://updesa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
he-IL,he;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IRCkpD21N9Br4sV4ZaNz3w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Mar 2024 01:29:17 GMT
expires
Wed, 06 Mar 2024 01:29:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
pagead2.googlesyndication.com/bg/ Frame FB7A 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Mar 2024 21:55:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
12829
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15753
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 05 Mar 2025 21:55:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3DD5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst8te56uRHm4itSO8Ija68XbCcy3B_ObVDideOPxXgNJy_vxeVVAZaq-CCHnS-0rLrZVY7nXnChHTgE140iMamgSHMUZAs6pJ2unt4nTWlDgel819krqHE2dR2W4N5BmCylVeNBu4nUjecCduzMIg&sai=AMfl-YRZ0lPn4PYoIMvB7fcg7p1t09JgCvVCyBKvPmCmSx6Q9m_B-lnHcN1XpHCWHJ5LUkY30nh5u-ihqA9o5F-l7BihJ7SE75bhBa4WtdI263N6ySj1udu_LXZlkNCuX9ej-bIXGGb5XFbbrZ9UG8Ko&sig=Cg0ArKJSzHGEjWyCAikCEAE&cid=CAQSTgB7FLtqDQVyMvZetOyKyhws35SllMq3JmBruEkdkdQ_kyM0A04enmY5Tob2y16bxh70NHWB4zUKIudqXvjNiLBB1C7Dk5e8UOqE4AF3-xgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4200600389&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=562135500&rst=1709688555302&rpt=1333&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Mar 2024 01:29:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame FB7A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tArFfA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f193.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 06 Mar 2024 01:29:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame CDC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240229&jk=4265832075017029&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240229&jk=4265832075017029&bg=!0dKl0p3NAAauXHXJjlw7ADQBe5WfON3TrsrwvyKz-bes-vhOy6OURcEAt9341O5DVaHcyiH_F1VtakmVeyTPRURO-eRgAgAAAFNSAAAAAmgBBwoArZ0uHFjdeJ8831rDUEGWsjvyi8uxgLjwwzK_hokkYxsfqJbJRboZ2lY4Da6BoQ6bh4E1W0BYNNjBnFPHW9yA1iDNnU2rVbnTU8Vr5DGxzW9YU_EIMWrfxrZeN1glzIySq9YnxlIucbw_nBswYygO7MPlJ3F-hQDO1L0jSLg4JJo_Dk3mQ2_sm8_V8mScokSwmyH-XcrgyTyx--qSt73DreyY2DWAKp4beS7vYn7fmQK8OZpx8reXP8W0JKa5__RYwKqoc8OdaJN3tfg5wUXSGPB42qi-NX269pJ4Ec4WfM2fvFn7Qg9RTow9J32_7kg0Z8NDddMN69H5fd_MOuyoTfagvJNfx9bvwc57LDCCamdqkjPSSeEdXaaEnXJe5Mb_8i80tYqicPLcFcrlZ20lTqTo3fvwZlsG6IfDEJZQYY9-4F_pZvSG0MdIOKEgJrExVzUgE2nTS56OaxJqW7H9P7Yzzp4-37n_PEJrzghBU5se221qvPGqOvRY8LxtrVxgk3Iw-xeVjxqyS2c7W77nn4KuIMzkphOX9mUpjFqvLwF_2dl82UpADVRB78RruF6QzRjdlQlyYVJell-tlpJvq9hDuJql4w1GqUCYGC--Qsnj3tMMAA5j2xDY1fRNNPFz4X-IhMBety3DZpyTf_BLu84GZrWBahdjjrhjw-7cvfw5osW4b8xQT8dBQ-i-swJ1vtCsGSsT_liN_C54QHYD-n7t7kShnFTRU9dxOWEpmJNTcHil2KiNrTm6FTBMaGmQNMvWsHfIHHbVOT8bX69h5CBz8apF3y7u9cpnBEmmZC0-j4xWC-2cdX73PvRjzuRkBZBJTOV74gN_uuWEHIuTVs5k6b9qEWK4zw2aK3luztvOV7tCJxUaftadNgHSLS4jdM43RB8kp-IGDUBAXczNKGXwJOM4E6ruFNc9JZIK9nvRrd7_uhE3IsthxY4bD1ZAd53AOLewJ_fPgtvHhy4c2L-d4cif5HZuc7kqeWC3u5QVnOQL4oaTjuoU4z6bOLi3Fpbed4qD7h_ZBqw9M_BH1rJBSZ4ygL5c-LrIuzdzePSUYrWAa9SsnVBe4oga-rtJ6OEwVLyyRBFN2MjufUNTTjjTMSufdeHh_AIPFWq8VQwu_MAhbMpsQgkWaxee5cPg7IqYUn7tWILfM-Gytg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
he-IL,he;q=0.9
Referer
https://updesa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 undefined| $ function| jQuery string| cari number| redirect undefined| OpenChrome undefined| activity function| preloadImage object| adsbygoogle object| closeButton object| stickyAd function| closeAd object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjM1OTA1ZWIyMGQ3NmJmMmxvYWRlcl9qcw== string| ZjM1OTA1ZWIyMGQ3NmJmMmNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag object| _google_rum_ns_ boolean| faed43c7-dafa-4a1e-a82b-4e83f4e20fa6 undefined| google_rum_values object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
.updesa.com/ Name: __gads
Value: ID=91fa8ee510e39604:T=1709688555:RT=1709688555:S=ALNI_Ma16g5Vh0a7r7jC3AwbWTop8V5klA
.updesa.com/ Name: __gpi
Value: UID=00000d69d8d640fe:T=1709688555:RT=1709688555:S=ALNI_MYY9AeFrfehMuKdsv2GiFtLIh8fbg
.updesa.com/ Name: __eoi
Value: ID=32b775db825409ba:T=1709688555:RT=1709688555:S=AA-AfjZSuZe43Tz9w8hvJlYj4cRz
.doubleclick.net/ Name: IDE
Value: AHWqTUnyBGE8ik6O1fi62L_7EqIch6Hfa7G4TnYXLM1J2_7JrYQACfjLNNWdQVtriKs
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: Yj63Ry66MEuoqm9m2w6FdA9jJrR6kTIoQVoKQVfHUK1xFsjew1LS5Fh0cuzFKk5Cul8yqTA0UFdhW7A8JJLlQzNZmMrVno8ZuZvMk_DVatQ.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>3u>gq=!]tbPl1M>e)ZlrFUfJ+tGXxoDUCiuhAgXD9Xn8OvNVU6>[hQ)mQ<8Z?v@Ub_*bpRz*qF1`*b`KU*70$b
.adnxs.com/ Name: uuid2
Value: 2573569215665581859
.casalemedia.com/ Name: CMPS
Value: 5322
.casalemedia.com/ Name: CMID
Value: ZefG64sFVT4AAA0EAA..oAAA
.casalemedia.com/ Name: CMPRO
Value: 4742
.updesa.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8QhTEL4FrvKJJXCDh8JnJg5x0ddE9K5oM4646jGPGM_B_sl7KNTw5vta5vqbUrvibLZBhSGSIcDaxNNqX_QlY0MBKYpA9m31HrvjvIHLsZ8pL3JXgr9aMtvlunA6ViljLYz0QozyiB5a6gwGF67rdW8g1phw%3D%3D%22%5D%5D

43 Console Messages

Source Level URL
Text
network error URL: https://cdn.polyfill.io/v2/polyfill.min.js?features=IntersectionObserver&ver=6.4.3
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://updesa.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.polyfill.io
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
updesa.com
www.google.com
104.18.38.212
142.250.184.194
142.250.185.227
142.250.185.66
142.250.186.162
142.250.186.42
142.250.74.194
172.217.16.193
172.217.16.206
172.217.18.102
172.217.18.4
172.64.151.101
185.89.210.46
194.163.42.108
06173c7a47216b2032a5caff35acf38ac5b8b6d1499e757c70c1b4695bca79d7
0a0227a07b225cc681647540ea963633c4a1d3ede540309d0848466bd21c95fd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d42b9b46fd2458d1b8d2cce1a2ddca4fb8605d8d5def2db399a4593b2ac201d
16d6d154d2de32c5693946fc83777ac21111ca119dabbddfcafa2006056b43b3
25e63f202713f66bb95ef090656078114da98fadbb52e0e19ee67dfbaca79101
28d1971e43e505ccd26fcd81810b0bdd08008d391585f67eb98d5bc5545773cb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34fffdfedef06bd61dffa85317463af59bc444adc04a1207e71da53b481f9c80
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
46c755361bf9d0cb07eda1d516c7ebfdf4123edb5dc717f738c385d4e996c073
470a454297fa8c7bbb372dd9f782d2c728b8ab6f2b51315717e82d78a018377c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
530e01255f2d8cef17aefd7bab5308e2206ca85dbe04f4c8638d51f37a2c565d
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
603c583d288f447761f09d7635cecf6844f421af4e95d066c13a4f196faa870a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bcfaafd3e44e68755a2c0862d9fa1666f3ec0efe2ba2c475a414da0b196ef7
74125ef3e4c718839abfd466251dcffc7f1b5c2801d106e2421fda5961fcfce7
7d83c069e183cfb4c79890cef38998ec72ce76184230a9c3123443bce23cfe2b
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8bea498aed7cc1366e8b966e467b98219c803107d728eab8a6c4c9b045def699
8ea6992a69a092e9ef8e2acfef3cc3042c51234e560af5b5faf0f9282260e7ef
92e68c05a0150a7151561ee32a6d838ce3afeb6d1625831f859e33a519fb5b0a
995ad023080529f36f0e9b71e99661c5696bc2aff5ad3cda005768365835a391
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a209c07c2e3a100d4811f29242189cc713877eba4dac94bb3d149af054847d8c
a875fc16369d3fd88c0664672d356dfa520230f81319631c712292b294ea96dd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
d08d24de6c72a8b47d0fbf9c414752f66497a2253792710144aa0d8a77176f4a
d8d1f4953c216b6594b970dbe909a2a9000f5c654123b92e43c37ca9dd2bc9c6
db6aa7c1e04bcefd58abfb5fe1fbe9a0f1a3957a97743e67ccd19bb7ca4dac9a
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d3070398c61367c6ba566fa750caf1b940dc263388ff7588c19778f1bc20ae
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0dda16cb23ecc6ecd198412fa313531b1ee913ad8ce50f3a3baccb381aba49a
f2d02832f972d62aa43bd8a18d94193f7cf16fa1936aac79474b15a82b768a56
f56cc47042cf152ccff97a66f15767214b58cebd4b10af86c51a4cdca9339afa
ff1960a45c6c700c71fe8dd2a8f57127aba9acabb5d0c23a3a263ed5b81a5422