urlscan.io logo urlscan.io
SecurityTrails logo

because-gus.com Open in urlscan Pro
109.234.165.193  Public Scan

Go To Rescan Add Verdict Report
URL: https://because-gus.com/forums/participants/123bvncc/
Submission: On May 10 via manual from VN — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 3 countries across 19 domains to perform 73 HTTP transactions. The main IP is 109.234.165.193, located in Levallois-Perret, France and belongs to O2SWITCH, FR. The main domain is because-gus.com.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.
This is the only time because-gus.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 109.234.165.193 50474 (O2SWITCH)
1 142.250.185.106 15169 (GOOGLE)
1 6 216.58.212.164 15169 (GOOGLE)
5 142.250.181.226 15169 (GOOGLE)
1 52.216.214.8 16509 (AMAZON-02)
3 216.58.212.136 15169 (GOOGLE)
2 142.250.185.66 15169 (GOOGLE)
3 142.250.185.142 15169 (GOOGLE)
1 18.172.112.107 16509 (AMAZON-02)
2 157.240.251.9 32934 (FACEBOOK)
1 192.0.73.2 2635 (AUTOMATTIC)
1 4 142.250.185.194 15169 (GOOGLE)
3 216.58.206.67 15169 (GOOGLE)
1 142.250.185.74 15169 (GOOGLE)
2 142.250.186.174 15169 (GOOGLE)
1 146.75.120.157 54113 (FASTLY)
1 142.250.186.67 15169 (GOOGLE)
1 142.250.185.78 15169 (GOOGLE)
2 108.177.15.157 15169 (GOOGLE)
1 157.240.0.35 32934 (FACEBOOK)
1 104.244.42.5 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
1 192.0.77.48 2635 (AUTOMATTIC)
11 172.217.16.206 15169 (GOOGLE)
2 142.250.185.97 15169 (GOOGLE)
73 26
15    109.234.165.193 (Levallois-Perret, France)

ASN50474 (O2SWITCH, FR)
PTR: 109-234-165-193.reverse.odns.fr
because-gus.com
1    142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net
ajax.googleapis.com
6    216.58.212.164 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f164.1e100.net
www.google.com
5    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pagead2.googlesyndication.com
1    52.216.214.8 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
3    216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f8.1e100.net
www.googletagmanager.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
www.googleadservices.com
3    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
maps.google.com
1    18.172.112.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-107.fra60.r.cloudfront.net
cdn-images.mailchimp.com
2    157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net
connect.facebook.net
1    192.0.73.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
4    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads.g.doubleclick.net
3    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f3.1e100.net
www.google.co.il
1    142.250.185.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f10.1e100.net
maps.googleapis.com
2    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net
www.gstatic.com
1    142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net
analytics.google.com
2    108.177.15.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f157.1e100.net
stats.g.doubleclick.net
1    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org
s.w.org
11    172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f14.1e100.net
fundingchoicesmessages.google.com
2    142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
21 google.com
www.google.com — Cisco Umbrella Rank: 2
maps.google.com — Cisco Umbrella Rank: 2257
analytics.google.com — Cisco Umbrella Rank: 154
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646
253 KB
15 because-gus.com
because-gus.com
558 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
210 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
422 B
3 google.co.il
www.google.co.il — Cisco Umbrella Rank: 28483
669 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
276 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
72 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
21 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380
maps.googleapis.com — Cisco Umbrella Rank: 361
31 KB
1 w.org
s.w.org — Cisco Umbrella Rank: 3574
1 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 882
393 B
1 t.co
t.co — Cisco Umbrella Rank: 717
377 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
269 B
1 gstatic.com
www.gstatic.com
204 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 801
15 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2270
37 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 6052
2 KB
1 amazonaws.com
s3.amazonaws.com
140 KB
73 19
Domain Requested by
15 because-gus.com because-gus.com
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
6 www.google.com 1 redirects because-gus.com
www.gstatic.com
tpc.googlesyndication.com
5 pagead2.googlesyndication.com because-gus.com
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
3 www.google.co.il because-gus.com
3 maps.google.com because-gus.com
maps.google.com
3 www.googletagmanager.com because-gus.com
www.googletagmanager.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 www.google-analytics.com because-gus.com
www.google-analytics.com
2 connect.facebook.net because-gus.com
connect.facebook.net
2 www.googleadservices.com because-gus.com
www.googleadservices.com
1 s.w.org because-gus.com
1 analytics.twitter.com because-gus.com
1 t.co because-gus.com
1 www.facebook.com because-gus.com
1 analytics.google.com www.googletagmanager.com
1 www.gstatic.com www.google.com
1 static.ads-twitter.com because-gus.com
1 maps.googleapis.com maps.google.com
1 secure.gravatar.com because-gus.com
1 cdn-images.mailchimp.com because-gus.com
1 s3.amazonaws.com because-gus.com
1 ajax.googleapis.com because-gus.com
73 25

This site contains links to these domains. Also see Links.

Domain
123bvn.cc
www.facebook.com
twitter.com
instagram.com
www.youtube.com
www.instagram.com
plus.google.com
Subject Issuer Validity Valid
because-gus.com
R3		 2024-04-23 -
2024-07-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-02-08 -
2025-01-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02		 2023-06-20 -
2024-07-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-18 -
2024-05-18		 3 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2023-12-05 -
2025-01-04		 a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.co.il
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
t.co
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-07 -
2025-01-06		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-31 -
2024-10-29		 a year crt.sh
*.w.org
Sectigo ECC Domain Validation Secure Server CA		 2023-12-18 -
2025-01-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://because-gus.com/forums/participants/123bvncc/
Frame ID: 0C072CFD1DEE0DC6A69142DE6288ABC8
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240508/r20110914/zrt_lookup_fy2021.html
Frame ID: 29AF90406873C5D2F068B46CB6996C38
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5511265887871361&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1715369892&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715369894281&bpp=10&bdt=937&idt=376&shv=r20240508&mjsv=m202405020101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7741890069614&frm=20&pv=2&ga_vid=419324573.1715369894&ga_sid=1715369895&ga_hid=189439561&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083438%2C95331982%2C95329829%2C95331042%2C95332402%2C95332415&oid=2&pvsid=3637022095153860&tmod=435229292&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=432
Frame ID: 946114E88AC93C427CB9053CBB133068
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5511265887871361&output=html&h=280&slotname=8713973133&adk=2374271643&adf=2384279475&pi=t.ma~as.8713973133&w=360&abgtt=3&fwrn=4&fwrnh=100&lmt=1715369892&rafmt=1&format=360x280&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715369894291&bpp=4&bdt=947&idt=452&shv=r20240508&mjsv=m202405020101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7741890069614&frm=20&pv=1&ga_vid=419324573.1715369894&ga_sid=1715369895&ga_hid=189439561&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083438%2C95331982%2C95329829%2C95331042%2C95332402%2C95332415&oid=2&pvsid=3637022095153860&tmod=435229292&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=466
Frame ID: B5BC58BD5DAB34C00D1E4B13CA77F571
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9nhkbAAAAAL4c8sKQOm1CAF4ubx_O4e-uEiBH&co=aHR0cHM6Ly9iZWNhdXNlLWd1cy5jb206NDQz&hl=iw&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9zqlsruxvcg0
Frame ID: 0FD104FD4B42D4402A4ABD3697B729EB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 50C099C92E1B6F562896DE2565808036
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A70DD5DB59DBC8FD4322F17DA06CF4BB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

73
Requests

95 %
HTTPS

0 %
IPv6

19
Domains

25
Subdomains

26
IPs

3
Countries

1844 kB
Transfer

5155 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tiba=Because%20Gus&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1Ya26eqDhgMVhSQGAB0RBgODMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmVjYXVzZS1ndXMuY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tiba=Because%20Gus&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1Ya26eqDhgMVhSQGAB0RBgODMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmVjYXVzZS1ndXMuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqF9jHVnLA7KpmJxM_8_qWMIxV3aaHPw&random=1231186246&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.co.il/pagead/1p-conversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tiba=Because%20Gus&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1Ya26eqDhgMVhSQGAB0RBgODMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmVjYXVzZS1ndXMuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqF9jHVnLA7KpmJxM_8_qWMIxV3aaHPw&random=1231186246&resp=GooglemKTybQhCsO&ipr=y

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
because-gus.com/forums/participants/123bvncc/ 		115 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
57f3c09b80383a316b7357fd5bd4c06df88d31be4de0a5fd1e61ce4c9a1279a6

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 10 May 2024 19:38:12 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Fri, 10 May 2024 19:38:12 GMT
link
<https://because-gus.com/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
89c3069e2e7661a5ad71f0021e362d77.css
because-gus.com/wp-content/cache/min/1/ 		518 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
60ed57eaa6d2d51bbb7aed7ad8ac9ee25b2fe7e5d43a7a48db74684b4dc181ff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/forums/participants/123bvncc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:12 GMT
content-encoding
br
last-modified
Tue, 30 Apr 2024 16:02:39 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
expires
Sun, 09 Jun 2024 19:38:12 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?ver=1.11.2
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f10.1e100.net
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 08:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 08:12:13 GMT
api.js
www.google.com/recaptcha/ 		1 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
GSE /
Resource Hash
e71252a23d8dbca5e14cb81604ec9d3bd0e2b619f083839d6ce814184d3f98c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 10 May 2024 19:38:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d141e4f1c3e66176f55117b5dca00d5f925f5e28f57f2aca99990007c1b18dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52766
x-xss-protection
0
server
cafe
etag
7614500609750411695
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Fri, 10 May 2024 19:38:14 GMT
api.js
www.google.com/recaptcha/ 		1 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Ld9nhkbAAAAAL4c8sKQOm1CAF4ubx_O4e-uEiBH&ver=3.0
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
GSE /
Resource Hash
64f8a95f3dcd8f60cf9420c9d0cfbf6d96357aa21541afafe94b75132d324715
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Fri, 10 May 2024 19:38:14 GMT
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.214.8 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 10 May 2024 19:38:15 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
HD0NJJ8298436889
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
yZlRc8cs8edxMH9mPx2ouJ7ZgTRuimifBHwPDtDwaY/lwvUIv2kwu2ZTPvY0eU37ntSh51NA2mI=
2082c17bf9e39038756fb5adfcead137.js
because-gus.com/wp-content/cache/min/1/ 		162 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/cache/min/1/2082c17bf9e39038756fb5adfcead137.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
ace6125e3d5cb534121b9e65108672e1b39f053684cf6aa055285b391c064136

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/forums/participants/123bvncc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Tue, 30 Apr 2024 16:02:39 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Sat, 10 May 2025 19:38:13 GMT
d26c7e5f-3a80-4001-a552-a11bd99d6ba6
https://because-gus.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://because-gus.com/d26c7e5f-3a80-4001-a552-a11bd99d6ba6
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
gtm.js
www.googletagmanager.com/ 		200 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRP3C76
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b1cd740e00792fc54391aa40ae1b5115c39021b67a3e4552575d01bfb23a54bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73918
x-xss-protection
0
last-modified
Fri, 10 May 2024 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 May 2024 19:38:14 GMT
conversion.js
www.googleadservices.com/pagead/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
35448ad5bb034fa8cd48dc2051ab27c9da478a3642c0950c0b21710a73ec55a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20101
x-xss-protection
0
server
cafe
etag
15438506040870824612
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 May 2024 19:38:13 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T0Z1C3PZLY
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
babc082ed7ad8d2a49274c84acdc8b3579264fe38bc574809c9366c4a9e8e668
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104085
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 19:38:14 GMT
logo.png
because-gus.com/wp-content/themes/because-gustave/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://because-gus.com/wp-content/themes/because-gustave/img/logo.png
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
485d6b6c245a90ba1b766e47fa0e1fe6386a271488b4da70e502d6816053f4f6

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/forums/participants/123bvncc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:12 GMT
last-modified
Mon, 28 Aug 2023 13:39:43 GMT
server
o2switch-PowerBoost-v3
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
4957
expires
Sat, 10 May 2025 19:38:12 GMT
js
maps.google.com/maps/api/ 		202 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps/api/js?sensor=false&ver=6.5.3
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
433d978560aba94add72d4f5536b210161296464f4e379382c608762545c0dfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69313
x-xss-protection
0
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-107.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
date
Fri, 10 May 2024 01:02:24 GMT
last-modified
Thu, 17 Dec 2015 16:52:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P8
age
66949
etag
W/"ae0fc9b84c30cada1784022044962394"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
K_tyR2eSNEjD1Ys9QFPFbcpVcd6NF8gXzhVmvMxEDyQ8zKUk_WS3Lg==
18348c8c136ad24553728f78f3a9593b.js
because-gus.com/wp-content/cache/min/1/ 		381 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/cache/min/1/18348c8c136ad24553728f78f3a9593b.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
30712234ced1fdab869d4dd7ff8438da2db9dd1a719df344e0ca9d457f44b6ee

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/forums/participants/123bvncc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Tue, 30 Apr 2024 16:04:31 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Sat, 10 May 2025 19:38:13 GMT
bootstrap.min.css
because-gus.com/wp-content/themes/mango/css/ 		130 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/themes/mango/css/bootstrap.min.css
Requested by
Host: because-gus.com
URL: https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
9feba192f1c94952504924e3722f7bd269271d016a81fe3d57c757d0275603bd

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 13:39:44 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
expires
Sun, 09 Jun 2024 19:38:13 GMT
flexslider.css
because-gus.com/wp-content/themes/mango/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/themes/mango/css/flexslider.css
Requested by
Host: because-gus.com
URL: https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
56b65f5898880184694d21db6cefd40f2327a770c050d549d000cd59ff3c4351

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 13:39:44 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
expires
Sun, 09 Jun 2024 19:38:13 GMT
font-awesome.min.css
because-gus.com/wp-content/themes/mango/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/themes/mango/css/font-awesome.min.css
Requested by
Host: because-gus.com
URL: https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 13:39:44 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
expires
Sun, 09 Jun 2024 19:38:13 GMT
prettyPhoto.css
because-gus.com/wp-content/themes/mango/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/themes/mango/css/prettyPhoto.css
Requested by
Host: because-gus.com
URL: https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
3ab33bb0bbe4859490b38cc5998b51a6ee84641420447a63da354886a6bd4a02

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 13:39:45 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
expires
Sun, 09 Jun 2024 19:38:13 GMT
main.css
because-gus.com/wp-content/themes/mango/css/ 		58 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/themes/mango/css/main.css
Requested by
Host: because-gus.com
URL: https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
47d2d7948fee875924651bec17d59b5618e57d61eaa24fc158cd73ab8c5fe740

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/wp-content/cache/min/1/89c3069e2e7661a5ad71f0021e362d77.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 13:39:44 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=2592000, public
expires
Sun, 09 Jun 2024 19:38:13 GMT
/
www.googleadservices.com/pagead/conversion/940452483/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/940452483/?random=1715369893717&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tiba=Because%20Gus&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ba761c9d6dcceb3ad7ab2c6df3c4ce4b0067a82a70b8808d8fb37195c7ad0c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		225 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
b5eabdcfd6f65e18c17b0864ccd2bbf3ab8f7395226990a7d5e3f17c7ab1fa7a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 10 May 2024 19:38:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
59270
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=51, rtx=0, c=12, mss=1380, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
uPltPmK5AsP9BUpv77WPjt+xkG2HpUxojjkA9uWSOzqnSj5PgSrw+H69IgRApzCzOim4HxNyTVT7gf9TOAoEcg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
passing.ttf
because-gus.com/wp-content/themes/because-gus/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/themes/because-gus/fonts/passing.ttf
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
9538ac59d0d5b6f9017aafe483f255bca2e6ae134f0c00f7ba7615b5276fab76

Request headers

Referer
https://because-gus.com/forums/participants/123bvncc/
Origin
https://because-gus.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
last-modified
Mon, 28 Aug 2023 13:39:39 GMT
server
o2switch-PowerBoost-v3
content-type
font/ttf
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
45216
expires
Sun, 09 Jun 2024 19:38:13 GMT
2a740a9357d51d6fd8f312854d4a8444
secure.gravatar.com/avatar/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/2a740a9357d51d6fd8f312854d4a8444?s=150&d=retro&r=g
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
320782cb47300e862e9a4d9379adef683aa3b72ea5e27f11460402b6205c5280

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
MISS mxp 2
date
Fri, 10 May 2024 19:38:14 GMT
last-modified
Wed, 03 Apr 2024 11:46:34 GMT
server
nginx
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="2a740a9357d51d6fd8f312854d4a8444.png"
accept-ranges
bytes
link
<https://gravatar.com/avatar/2a740a9357d51d6fd8f312854d4a8444?s=150&d=retro&r=g>; rel="canonical"
content-length
37434
alt-svc
h3=":443"; ma=86400
expires
Fri, 10 May 2024 19:43:14 GMT
fontawesome-webfont.woff
because-gus.com/wp-content/themes/mango/fonts/ 		82 KB
82 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/themes/mango/fonts/fontawesome-webfont.woff?v=4.1.0
Requested by
Host: because-gus.com
URL: https://because-gus.com/wp-content/themes/mango/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31

Request headers

Referer
https://because-gus.com/wp-content/themes/mango/css/font-awesome.min.css
Origin
https://because-gus.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
last-modified
Mon, 28 Aug 2023 13:39:46 GMT
server
o2switch-PowerBoost-v3
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
83760
expires
Sun, 09 Jun 2024 19:38:13 GMT
/
www.google.co.il/pagead/1p-conversion/940452483/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid...
  • https://www.google.com/pagead/1p-conversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C46646592...
  • https://www.google.co.il/pagead/1p-conversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465...
42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/pagead/1p-conversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tiba=Because%20Gus&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1Ya26eqDhgMVhSQGAB0RBgODMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmVjYXVzZS1ndXMuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqF9jHVnLA7KpmJxM_8_qWMIxV3aaHPw&random=1231186246&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.co.il/pagead/1p-conversion/940452483/?random=793548361&cv=9&fst=1715369893717&num=1&label=2oIkCIGPwXUQg9W4wAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=180&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tiba=Because%20Gus&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQIIl8GxAg&pscrd=IhMI1Ya26eqDhgMVhSQGAB0RBgODMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6GGh0dHBzOi8vYmVjYXVzZS1ndXMuY29tLw&is_vtc=1&cid=CAQSGwB7FLtqF9jHVnLA7KpmJxM_8_qWMIxV3aaHPw&random=1231186246&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/ 		3 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?sensor=false&ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://because-gus.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
lazyload-10.4.2.min.js
because-gus.com/wp-content/plugins/wp-rocket/inc/front/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/plugins/wp-rocket/inc/front/js/lazyload-10.4.2.min.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
093231dbe428085369285fa2ff04cdd38cb443e5bc84822acf8b464bf65eb649

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/forums/participants/123bvncc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:13 GMT
content-encoding
br
last-modified
Mon, 28 Aug 2023 15:03:50 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Sat, 10 May 2025 19:38:13 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 May 2024 18:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5425
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 10 May 2024 20:07:49 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
gzip
last-modified
Thu, 04 Apr 2024 00:26:35 GMT
x-amz-server-side-encryption
AES256
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15412
x-served-by
cache-iad-kcgs7200164-IAD, cache-fra-etou8220022-FRA
recaptcha__iw.js
www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/ 		529 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__iw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
870ccc11c716eef14e1c515aed13acfedfd486cd6213b67a032065397e660bb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://because-gus.com/
Origin
https://because-gus.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 07 May 2024 07:57:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
301268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
208603
x-xss-protection
0
last-modified
Mon, 22 Apr 2024 21:03:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 May 2025 07:57:06 GMT
102373230109858
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/102373230109858?v=next&r=canary&domain=because-gus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C42%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C155%2C132%2C27%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
9c4dfd9c409b3dad1a23994d7d142a50e271e2940183d961694a02642ce4e53c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 10 May 2024 19:38:14 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=64, mss=1380, tbw=64771, tp=-1, tpl=-1, uplat=74, ullat=0
pragma
public
x-fb-debug
yfVxBbItjJQZIQ2kVZLTlCl1TkHvWSisk1bYgLEzdWxzXmpvMuY4+FWZ5z+ts/lyynTKqM7Gkd8tVO3SgQdMaw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-T0Z1C3PZLY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRP3C76
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bca633408ce22c0e52d795a1c5e6e525b786685f35e1be297af583b0d242ef5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104042
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 May 2024 19:38:14 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/ 		411 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e9ae7271f418463d4bf1fdcedd88bc64565adc677c972f44817f20d43aca7c19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
142518
x-xss-protection
0
server
cafe
etag
18076025339083700706
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 May 2024 19:38:14 GMT
collect
analytics.google.com/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-T0Z1C3PZLY&gtm=45je4580v890466907za200&_p=1715369893391&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=419324573.1715369894&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715369894&sct=1&seg=0&dl=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&dt=Because%20Gus&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2034
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0Z1C3PZLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://because-gus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T0Z1C3PZLY&cid=419324573.1715369894&gtm=45je4580v890466907za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T0Z1C3PZLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://because-gus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T0Z1C3PZLY&cid=419324573.1715369894&gtm=45je4580v890466907za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1583979353
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=189439561&t=pageview&_s=1&dl=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&ul=he-il&de=UTF-8&dt=Because%20Gus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1794751264&gjid=1063436989&cid=419324573.1715369894&tid=UA-58703068-1&_gid=2038713248.1715369894&_r=1&_slc=1&z=397864585
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://because-gus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=102373230109858&ev=PageView&dl=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&rl=&if=false&ts=1715369894419&sw=1600&sh=1200&v=next&r=canary&ec=0&o=4126&fbp=fb.1.1715369894418.1999261454&ler=empty&cdl=API_unavailable&it=1715369894217&coo=false&uppt=0.1999969482421875&uvpt=0.100006103515625&ttf=2072.199996948242&bdt=471.1999969482422&bdsize=230336&btsize=59270&brbs=0&cdt=189.60000610351562&cdsize=57477&ctsize=11754&crbs=0&let=14.399993896484375&rqm=GET
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=50, rtx=0, c=10, mss=1380, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 10 May 2024 19:38:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
adsct
t.co/i/ 		43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=26a34146-5fbb-457b-b322-dabc32da26db&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b0ed1479-2683-4ae2-80dd-8de13d00e516&tw_document_href=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv6m2&type=javascript&version=2.3.30
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
111
date
Fri, 10 May 2024 19:38:14 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
67af95c085cd5c85
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
98c2043006852e3f62f09a657165b74654d51394365f7543530f94328d612566
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=26a34146-5fbb-457b-b322-dabc32da26db&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b0ed1479-2683-4ae2-80dd-8de13d00e516&tw_document_href=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv6m2&type=javascript&version=2.3.30
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-response-time
195
date
Fri, 10 May 2024 19:38:14 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
106059a81c35b885
cache-control
no-cache, no-store, max-age=0
perf
7402827104
x-connection-hash
8beb6100aed2d7acfec683357cdff22ca20c1cf9200acf7b19792de8eb5aa87d
content-length
43
collect
stats.g.doubleclick.net/j/ 		7 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-58703068-1&cid=419324573.1715369894&jid=1794751264&gjid=1063436989&_gid=2038713248.1715369894&_u=IADAAEAAAAAAACAAI~&z=479642002
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 10 May 2024 19:38:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://because-gus.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240508/r20110914/ Frame 29AF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240508/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

age
12930
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 16:02:44 GMT
etag
5035419970550746386
expires
Fri, 24 May 2024 16:02:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9461 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5511265887871361&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1715369892&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715369894281&bpp=10&bdt=937&idt=376&shv=r20240508&mjsv=m202405020101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7741890069614&frm=20&pv=2&ga_vid=419324573.1715369894&ga_sid=1715369895&ga_hid=189439561&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083438%2C95331982%2C95329829%2C95331042%2C95332402%2C95332415&oid=2&pvsid=3637022095153860&tmod=435229292&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=432
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
6285
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 19:38:15 GMT
expires
Fri, 10 May 2024 19:38:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&id=teamKraftt_header&cls=teamKraftt-header%20header-1%20&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B5BC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5511265887871361&output=html&h=280&slotname=8713973133&adk=2374271643&adf=2384279475&pi=t.ma~as.8713973133&w=360&abgtt=3&fwrn=4&fwrnh=100&lmt=1715369892&rafmt=1&format=360x280&url=https%3A%2F%2Fbecause-gus.com%2Fforums%2Fparticipants%2F123bvncc%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1715369894291&bpp=4&bdt=947&idt=452&shv=r20240508&mjsv=m202405020101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7741890069614&frm=20&pv=1&ga_vid=419324573.1715369894&ga_sid=1715369895&ga_hid=189439561&ga_fc=1&u_tz=180&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1010&ady=193&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31083438%2C95331982%2C95329829%2C95331042%2C95332402%2C95332415&oid=2&pvsid=3637022095153860&tmod=435229292&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=466
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
405
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 19:38:15 GMT
expires
Fri, 10 May 2024 19:38:15 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-58703068-1&cid=419324573.1715369894&jid=1794751264&_u=IADAAEAAAAAAACAAI~&z=1813388191
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.il/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-58703068-1&cid=419324573.1715369894&jid=1794751264&_u=IADAAEAAAAAAACAAI~&z=1813388191
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tzfraa-aa-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0FD1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld9nhkbAAAAAL4c8sKQOm1CAF4ubx_O4e-uEiBH&co=aHR0cHM6Ly9iZWNhdXNlLWd1cy5jb206NDQz&hl=iw&v=V6_85qpc2Xf2sbe3xTnRte7m&size=invisible&cb=9zqlsruxvcg0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/V6_85qpc2Xf2sbe3xTnRte7m/recaptcha__iw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RKx6-IjA5MkNHWakeI1jYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RKx6-IjA5MkNHWakeI1jYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 19:38:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
wp-emoji-release.min.js
because-gus.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-includes/js/wp-emoji-release.min.js?ver=6.5.3
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/forums/participants/123bvncc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:14 GMT
content-encoding
br
last-modified
Tue, 30 Apr 2024 15:57:57 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Sat, 10 May 2025 19:38:14 GMT
1f36a.svg
s.w.org/images/core/emoji/15.0.3/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.w.org/images/core/emoji/15.0.3/svg/1f36a.svg
Requested by
Host: because-gus.com
URL: https://because-gus.com/forums/participants/123bvncc/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT mxp 2
date
Fri, 10 May 2024 19:38:15 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 01:21:10 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
max-age=315360000
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
ca-pub-5511265887871361
fundingchoicesmessages.google.com/i/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5511265887871361?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
f056cce35d2581382ff049340aedfb93770bd03f0dde85396034bc4e5b468436
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bun2Mu2TLRxJznqnHVMTtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-bun2Mu2TLRxJznqnHVMTtA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamDU4pJi8NaQYjhx6zbTBSA-73SH6ToQG2g8Z7IAYomvL5m0gDjm-XTWFCB2Sp_BGgLEPvUzWOOAuPXmOdbpQJz07zxrCRAXdV9grQLinYsvsB4E4lVHLrBuAuL2zxdYZwLxd_aLrP-BuMzxImsdEAvxcCx__3Mjm8CE3buOMytpJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGJgaWOoZGMcXGAAAxH5P2g"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVSS1IEpzGNbgBfFieZIUd0N28NynpahZis1qK1IA-I3XhAWorLN8-Q0Q0pFSeZ-kmF58vigDlaAa09YkTn8Rm7JSOhY5jgStN4L8CGXuRAzth8hlBuyoHjalyKWj-ZwSoO-WWgYQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVSS1IEpzGNbgBfFieZIUd0N28NynpahZis1qK1IA-I3XhAWorLN8-Q0Q0pFSeZ-kmF58vigDlaAa09YkTn8Rm7JSOhY5jgStN4L8CGXuRAzth8hlBuyoHjalyKWj-ZwSoO-WWgYQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1MzY5ODk2LDE5NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9iZWNhdXNlLWd1cy5jb20vZm9ydW1zL3BhcnRpY2lwYW50cy8xMjNidm5jYy8iLG51bGwsW1s4LCJhVWRtYUlqRDNqVSJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjk4NDJdLDE5LDBdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
0594e889fd4cba7bbf3c3e30be3aeb907d4079a452c3052a5943affae7db80e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ytihkB1QfAsvfsrAKGwPnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:16 GMT
content-security-policy
script-src 'report-sample' 'nonce-ytihkB1QfAsvfsrAKGwPnw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0JBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQF3VfYK0C4p2LL7AeBOJVRy6wbgLi9s8XWGcC8Xf2i6z_gViIh2PF-58b2QRO9F9qZ1TSSMovjE_OzyspykwqLckvSktOSy1OLSpLLYo3MjAyMTA1sNQzMI4vMAAA8CtHiQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUVjqyXsiIVVHq1n0gCYyBUxFACBfIoqtP00FWnNpfoWp_MBkgN-XB-kaaQcYIPetG5cW5R6pQrfwyyY_IVp3nVdUDOaJJ6KGWVcEt2M1vLuFByeCHZIjU1au_5xVp4K7CdQbIhIA==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUVjqyXsiIVVHq1n0gCYyBUxFACBfIoqtP00FWnNpfoWp_MBkgN-XB-kaaQcYIPetG5cW5R6pQrfwyyY_IVp3nVdUDOaJJ6KGWVcEt2M1vLuFByeCHZIjU1au_5xVp4K7CdQbIhIA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1MzY5ODk2LDM1MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImZyIl0sImh0dHBzOi8vYmVjYXVzZS1ndXMuY29tL2ZvcnVtcy9wYXJ0aWNpcGFudHMvMTIzYnZuY2MvIixudWxsLFtbOCwiYVVkbWFJakQzalUiXSxbOSwiaXciXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzI5ODQyXSwxOSwwXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
6a75b0f653fb2b3b63c734f6ffe85670f55014f6aaa2f6515414bf8a5eb16d41
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CQbxTcMKU75lyuA6P5rRMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:16 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-CQbxTcMKU75lyuA6P5rRMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQF3VfYK0C4p2LL7AeBOJVRy6wbgLi9s8XWGcC8Tf2i6z_gFiIh2PF-58b2QR-TF5wllFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDUwFLPwDi-wAAA_b1H0Q"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240508&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5842c46db42f5b19dd5da1b75327c6a5286bfb7baf497b3dec9840c27d4a50fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12291
x-xss-protection
0
Favicon.png
because-gus.com/wp-content/uploads/2015/01/ 		0
0
Favicon.png
because-gus.com/wp-content/uploads/2015/01/ 		101 KB
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://because-gus.com/wp-content/uploads/2015/01/Favicon.png
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
109.234.165.193 Levallois-Perret, France, ASN50474 (O2SWITCH, FR),
Reverse DNS
109-234-165-193.reverse.odns.fr
Software
o2switch-PowerBoost-v3 /
Resource Hash
ab1bef80c1b8d16d0c7b3fc257e4ad34a066e961649e0aeabf0e90be8c287d0c

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/forums/participants/123bvncc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 May 2024 19:38:16 GMT
content-encoding
br
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
link
<https://because-gus.com/wp-json/>; rel="https://api.w.org/"
expires
Wed, 11 Jan 1984 05:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202405020101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 10 May 2024 19:38:17 GMT
yahooadsobject.&advtile=
fundingchoicesmessages.google.com/f/AGSKWxWw19rODhgdzq6wnoXG1DmNCcft2h4m4qZ7PwuzbbgaySw3miO8-6SaQrrhcYszjZAAHt0UY8UCILih3bS_0XAyI9xqv0n8P_9NbKf4ngP_l4aaXuRUa4Y6QiY_llb4wOv0FS4-HwF1s_XxRTzs7aNyqX9nf... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWw19rODhgdzq6wnoXG1DmNCcft2h4m4qZ7PwuzbbgaySw3miO8-6SaQrrhcYszjZAAHt0UY8UCILih3bS_0XAyI9xqv0n8P_9NbKf4ngP_l4aaXuRUa4Y6QiY_llb4wOv0FS4-HwF1s_XxRTzs7aNyqX9nf6gQAaBCFo8_h0hsqxgN73LmsfhjlPjE/_/cn-advert.-728-90-&ad_ids=/yahooadsobject.&advtile=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxPg6XI_UYYhKFSc3Cq9Hpx-mcA9A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
da669bc670d4ca12d0daad2a4b5dac5f43b5e4998096aedfbccb81ae1684cead
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VJuFuTNbfFdzjmTSV2UOmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-VJuFuTNbfFdzjmTSV2UOmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtHikmLw1pBiWMS_i-m80x2m60BsoPGcyQKIJb6-ZNIC4pjn01lTgNgpfQZrCBD71M9gjQPi1pvnWKcDcdK_86wlQFzUfYG1Coh3Lr7AehCIVx25wLoJiNs_X2CdCcTf2S-y_gdiIW6Ole9_bmQTaJh2x09JIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDUwFLPwDi-wAAAjwJIhA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMxPg6XI_UYYhKFSc3Cq9Hpx-mcA9A/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 08:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
40188
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 24 May 2024 08:28:29 GMT
AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BpH55edqyztRk6LFvXC1gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-BpH55edqyztRk6LFvXC1gw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw05BicEqfwRoCxEI8HCvf_9zIJvBg1bk9jEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUwFLPwDy-wAAA8M0jTQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://because-gus.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o0uXnWTDQIFQqHcZP0f5Ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-o0uXnWTDQIFQqHcZP0f5Ww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoCxEI8HCvf_9zIJjBjw_XdjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUwFLPwDy-wAAA25ojCA"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://because-gus.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Rri2D4WqmV8vkzmh3C49EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-Rri2D4WqmV8vkzmh3C49EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1JBicEqfwRoCxEI8HCvf_9zIJtCw7cEVRiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqYKlnYB5fYAAA3ycjFg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://because-gus.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-c6hD8g0hx-Q7ARRHgBuV-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-c6hD8g0hx-Q7ARRHgBuV-A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII1JBicEqfwRoCxEI8HCvf_9zIJvDh77c9jEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUwFLPwDy-wAAAGhIj2w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://because-gus.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXx9wwkqw8y0zZT8RbG2J_f7v8ADtR8_0NvyWv8UZEhzWGe-x4wCqc__T4MfaLiYDyZucTsHOy0a1AqmA4P2tHE38EtM1Q_v1s6w7nT4hyoZ3ruiCOasJhaxUjkJLmq8J4-P0pc-Q==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXx9wwkqw8y0zZT8RbG2J_f7v8ADtR8_0NvyWv8UZEhzWGe-x4wCqc__T4MfaLiYDyZucTsHOy0a1AqmA4P2tHE38EtM1Q_v1s6w7nT4hyoZ3ruiCOasJhaxUjkJLmq8J4-P0pc-Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE1MzY5ODk3LDIzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZnIiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9iZWNhdXNlLWd1cy5jb20vZm9ydW1zL3BhcnRpY2lwYW50cy8xMjNidm5jYy8iLG51bGwsW1s4LCJhVWRtYUlqRDNqVSJdLFs5LCJpdyJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjk4NDJdLDE5LDBdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
2b9ecf2d14b07bcb2fc8cf9503557997adee7d9e0e65e30ab60933d86506df08
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UoCT0veM2PTx1kCopggXjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-UoCT0veM2PTx1kCopggXjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmJw1ZBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQF3VfYK0C4p2LL7AeBOJVRy6wbgLi9s8XWGcC8Xf2i6z_gViIh2Pl-58b2QRO3Nw8nVFJIym_MD45P6-kKDOptCS_KC05LbU4tagstSjeyMDIxMDUwFLPwDi-wAAA8-1Hug"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 50C0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges
bytes
age
17698
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 14:43:19 GMT
expires
Sat, 10 May 2025 14:43:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A70D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f164.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EqFyAEHSq8udw79Sjjnjew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-EqFyAEHSq8udw79Sjjnjew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 10 May 2024 19:38:17 GMT
expires
Fri, 10 May 2024 19:38:17 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxX9-n11Nc6_mZ0QO562r7wKJ1aAlnnexsP7JQ5R6iOP9Wctgc3EulJ4JYKf8oDtWz7DWfq5_UUalV-LGZp7e2mXugO8DrY-Avn9ikcsr9nTflwMbTUP-D-D0JKbhb0DkQN7EvZoNw==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX9-n11Nc6_mZ0QO562r7wKJ1aAlnnexsP7JQ5R6iOP9Wctgc3EulJ4JYKf8oDtWz7DWfq5_UUalV-LGZp7e2mXugO8DrY-Avn9ikcsr9nTflwMbTUP-D-D0JKbhb0DkQN7EvZoNw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KbyJJymwWz5yDMP8MymHCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KbyJJymwWz5yDMP8MymHCw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoCxEI8HCvf_9zIJvChc_UVRiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqYKlnYB5fYAAA5ngjKw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://because-gus.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVn72h0gffBjgtt-NB4t3zzt60I066aYKvh4GwzBnWo2XUDH5YvD52XBsMfMRowzn69EYLZheRCyXq7qWHSrTtKsKhqXVWbCOqz7WZaa5bEX5PFX3K3j-YyX3_52lczmzsUVouzEg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.iw.aUdmaIjD3jU.es5.O/am=BgM/d=1/rs=AJlcJMxGQRg8JFLcfzD2GhslQc8m_N5yAQ/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7ub2D7FWEmfpkZWMu2t2pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://because-gus.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 May 2024 19:38:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-7ub2D7FWEmfpkZWMu2t2pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0JBicEqfwRoCxEI8HCvf_9zIJrDjwfLrjEouSfmF8cn5eSWpeSW6iSnFuiB2UWZSaUl-EQo7tQykIic_PT0zLz3eyMDIxMDUwFLPwDy-wAAA6-ojQQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://because-gus.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
common.js
maps.google.com/maps-api-v3/api/js/56/12a/intl/iw_ALL/ 		257 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/56/12a/intl/iw_ALL/common.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?sensor=false&ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
910cb920d4e23520a2454855f9230caa54b12d8d1115161cc26abd567de92fe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 May 2024 21:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
164934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57494
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 May 2025 21:49:25 GMT
util.js
maps.google.com/maps-api-v3/api/js/56/12a/intl/iw_ALL/ 		183 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.google.com/maps-api-v3/api/js/56/12a/intl/iw_ALL/util.js
Requested by
Host: maps.google.com
URL: https://maps.google.com/maps/api/js?sensor=false&ver=6.5.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
461c72861b215631577827fe7b8c952950ae50bd7264dafa37e666820e1fb4b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://because-gus.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 08 May 2024 21:49:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
164934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57301
x-xss-protection
0
last-modified
Tue, 07 May 2024 21:52:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 May 2025 21:49:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
because-gus.com
URL
http://because-gus.com/wp-content/uploads/2015/01/Favicon.png
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240508&jk=3637022095153860&bg=!mpmlmdbNAAZxHNKdURw7ADQBe5WfODUYBl7mjbpme5gGG4_trotuWaMMc9lrE46OrkIL7ku_HAd91yiEkEsXXS6JifTEAgAAADpSAAAAA2gBB34ANTrCHlB6eixcmFUoSQksPCPk906GF_VopK-eBtsdvJGVvcWNImbXcE0oExFHsNOceOpHU70TmQKSyVwiGTiEYdLj1_Xs16gxLzl4dn377c-79Fhq-OQ3UeGGElpp9ouuqZtYpywmMRtH60pEJcZ1EVghWfdgqOEoilPv_Vktj9UiR5Qxa7KmO9hCf8socpLHSE2MtWcHKJxGaa6zhFEaIhqJqDoJks5eOb6x3shpA9AtSDNm6-8mcYxPu5wzWo97C3xQjotSiwWgg848VZdkVFp_KM-FOacq0kpUH2DyYJON9SL1qS5uAd302LSDmgol4Dh1HcmfaQaXtdLinaxgm5bubKmTtKMgjhJqG6KZW6y67vNP4MF6wEAtlka9HvXx_ihrstL9reEwcz159n4KTUqq7X3lcdAPJfpmMuu_NI26LIj37F9y9Z7N42iYT6c9VNftUHkvj1JhTkKtJace8MZlYV-jtgoIkKrETfu1rzvgEbwVVUISXMi6L6L8KMi4ygP0t6Rf2Z2HzWyJlhDNKjGX0sfQks0dhlkedOdHexf_HGbohyIARsxPxFd_fS8-bDnOxvKOZoSuZ5oPorX6ocSGIWkF5JsvyBxBUTkSkAws9dzixn-2s3eHyR7En3AMevtxhsdfmmm8RxnCdZY3qG48LK6FqCkQNwQ5q-CLULDWro2ikZk-Ih228xtkhOdo-E8qFZWIrlZ_LkgxQ6n6NXjNHdN8KBZ7R2c6ACCFKeytvRMNUb_zJFxlsjbJNZAtYn2gcGoQqNScgwP7OpayOrXh1s-uzYlo-lp4MCRiLfOpi-XuhFwWvF2bK02C-gYfPG7UolOaL_9GbyWRqfymfDWu17WajKIl-CB4dTEBfpFmy6zxL6kh-o74pAXlTH-z6XZRIGFOStYgHw-mL7smTHpqm7-osheCfy3atr0zc85vzfRSu8uTvYy1sA

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 string| gtm4wp_datalayer_name object| dataLayer object| _wpemojiSettings object| cnArgs number| usp_pro_submit_button number| usp_pro_success_form object| dataLayer_content function| loadCSS object| adsbygoogle object| google_conversion_id object| google_conversion_language object| google_conversion_format object| google_conversion_color object| google_conversion_label object| google_remarketing_only object| google_tag_data function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| google_custom_params object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments function| fbq function| _fbq function| gtag object| wpcf7 object| themeMyLogin object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| SiteParameters object| wpcf7_recaptcha object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe undefined| $mcj function| kraftt_themes_dropdown string| GoogleAnalyticsObject function| ga function| twq object| t object| s function| $ function| jQuery object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| _extends function| _typeof function| LazyLoad object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| regeneratorRuntime object| twttr function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| recaptcha object| closure_lm_829975 object| mc object| wpp_params object| WordPressPopularPosts object| html5 object| Modernizr function| yepnope object| respond function| Sifter object| MicroPlugin function| Selectize object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched object| parsley object| runtime object| swv object| WebFont object| addComment object| bootstrap object| jQuery190044513847679865526 function| EventEmitter object| eventie function| imagesLoaded function| uspProReCaptcha function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| Isotope object| mejs function| MediaElement function| MediaElementPlayer boolean| doresize object| scroll_pos boolean| hashtag object| twemoji object| wp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YzY3N2Q4NmUwYjc2MDk2OWxvYWRlcl9qcw== string| YzY3N2Q4NmUwYjc2MDk2OWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms boolean| google_empty_script_included boolean| 37c43b28-3198-4f43-8bf4-5043a4752333

14 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AJ9Knh1LRaS0qOoJY7abnzCYZzlhDC9oUnurKS1e1YZhK8aq78evRvND6IJM4D3Usc7kS7mHWT-hDxf5Whdtvcs
.because-gus.com/ Name: PHPSESSID
Value: e6eb849438d6877559daf078fadf5489
.because-gus.com/ Name: _ga_T0Z1C3PZLY
Value: GS1.1.1715369894.1.0.1715369894.60.0.0
.because-gus.com/ Name: _ga
Value: GA1.2.419324573.1715369894
.because-gus.com/ Name: _gid
Value: GA1.2.2038713248.1715369894
.because-gus.com/ Name: _gat
Value: 1
.because-gus.com/ Name: _fbp
Value: fb.1.1715369894418.1999261454
.t.co/ Name: muc_ads
Value: d5cc1440-9115-4bbc-9eb8-23aab248a358
.twitter.com/ Name: personalization_id
Value: "v1_GdItRmF6dtVi0GNwpgEsiA=="
.because-gus.com/ Name: __gads
Value: ID=1747ec0046ade1b5:T=1715369894:RT=1715369894:S=ALNI_MZbPj6j5fcxhQbPx1rknDvRAwIK0w
.because-gus.com/ Name: __gpi
Value: UID=00000e18b32c1e3e:T=1715369894:RT=1715369894:S=ALNI_MaURHIPifpmvrtghfPdIBBT8KKe2A
.because-gus.com/ Name: __eoi
Value: ID=bc076449a3a2f51e:T=1715369894:RT=1715369894:S=AA-AfjbjOZR2PF0lTcpMsoKqzUYT
.doubleclick.net/ Name: IDE
Value: AHWqTUmX-10Gn_6nI88W6gelgisMsVy8Bh66DDZtUc7PNY0hocTE6UENSz5DeKbhC_Q
.because-gus.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-YjcNPsUlpJnKeGsDHWFNBDmQY7EgpLctoF2CWot2Yg7oNddZHfsZvpwd_tHc0dhxKYenVyMCIilR6Hxvfvq-R2WLEdxDPrkPrQDdpGJGMbMkmIOzWniiwS5cl5eOaeAiORijKgZGTXFVZrQN3_aR2RzuZfw%3D%3D%22%5D%5D

18 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/102373230109858?v=next&r=canary&domain=because-gus.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C42%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C155%2C132%2C27%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
security error URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Mixed Content: The page at 'https://because-gus.com/forums/participants/123bvncc/' was loaded over HTTPS, but requested an insecure favicon 'http://because-gus.com/wp-content/uploads/2015/01/Favicon.png'. This request has been blocked; the content must be served over HTTPS.
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://because-gus.com/wp-content/uploads/2015/01/Favicon.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://because-gus.com/forums/participants/123bvncc/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
analytics.twitter.com
because-gus.com
cdn-images.mailchimp.com
connect.facebook.net
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
maps.google.com
maps.googleapis.com
pagead2.googlesyndication.com
s.w.org
s3.amazonaws.com
secure.gravatar.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
because-gus.com
pagead2.googlesyndication.com
104.244.42.5
104.244.42.67
108.177.15.157
109.234.165.193
142.250.181.226
142.250.185.106
142.250.185.142
142.250.185.194
142.250.185.66
142.250.185.74
142.250.185.78
142.250.185.97
142.250.186.174
142.250.186.67
146.75.120.157
157.240.0.35
157.240.251.9
172.217.16.206
18.172.112.107
192.0.73.2
192.0.77.48
216.58.206.67
216.58.212.136
216.58.212.164
52.216.214.8
0594e889fd4cba7bbf3c3e30be3aeb907d4079a452c3052a5943affae7db80e0
093231dbe428085369285fa2ff04cdd38cb443e5bc84822acf8b464bf65eb649
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2b9ecf2d14b07bcb2fc8cf9503557997adee7d9e0e65e30ab60933d86506df08
30712234ced1fdab869d4dd7ff8438da2db9dd1a719df344e0ca9d457f44b6ee
320782cb47300e862e9a4d9379adef683aa3b72ea5e27f11460402b6205c5280
35448ad5bb034fa8cd48dc2051ab27c9da478a3642c0950c0b21710a73ec55a1
3ab33bb0bbe4859490b38cc5998b51a6ee84641420447a63da354886a6bd4a02
433d978560aba94add72d4f5536b210161296464f4e379382c608762545c0dfb
461c72861b215631577827fe7b8c952950ae50bd7264dafa37e666820e1fb4b4
47d2d7948fee875924651bec17d59b5618e57d61eaa24fc158cd73ab8c5fe740
485d6b6c245a90ba1b766e47fa0e1fe6386a271488b4da70e502d6816053f4f6
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
56b65f5898880184694d21db6cefd40f2327a770c050d549d000cd59ff3c4351
57f3c09b80383a316b7357fd5bd4c06df88d31be4de0a5fd1e61ce4c9a1279a6
5842c46db42f5b19dd5da1b75327c6a5286bfb7baf497b3dec9840c27d4a50fb
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
60ed57eaa6d2d51bbb7aed7ad8ac9ee25b2fe7e5d43a7a48db74684b4dc181ff
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64f8a95f3dcd8f60cf9420c9d0cfbf6d96357aa21541afafe94b75132d324715
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
6a75b0f653fb2b3b63c734f6ffe85670f55014f6aaa2f6515414bf8a5eb16d41
870ccc11c716eef14e1c515aed13acfedfd486cd6213b67a032065397e660bb1
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
910cb920d4e23520a2454855f9230caa54b12d8d1115161cc26abd567de92fe4
9538ac59d0d5b6f9017aafe483f255bca2e6ae134f0c00f7ba7615b5276fab76
9c4dfd9c409b3dad1a23994d7d142a50e271e2940183d961694a02642ce4e53c
9feba192f1c94952504924e3722f7bd269271d016a81fe3d57c757d0275603bd
ab1bef80c1b8d16d0c7b3fc257e4ad34a066e961649e0aeabf0e90be8c287d0c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace6125e3d5cb534121b9e65108672e1b39f053684cf6aa055285b391c064136
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b1cd740e00792fc54391aa40ae1b5115c39021b67a3e4552575d01bfb23a54bb
b5eabdcfd6f65e18c17b0864ccd2bbf3ab8f7395226990a7d5e3f17c7ab1fa7a
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
ba761c9d6dcceb3ad7ab2c6df3c4ce4b0067a82a70b8808d8fb37195c7ad0c7e
babc082ed7ad8d2a49274c84acdc8b3579264fe38bc574809c9366c4a9e8e668
bca633408ce22c0e52d795a1c5e6e525b786685f35e1be297af583b0d242ef5d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d141e4f1c3e66176f55117b5dca00d5f925f5e28f57f2aca99990007c1b18dfe
da669bc670d4ca12d0daad2a4b5dac5f43b5e4998096aedfbccb81ae1684cead
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71252a23d8dbca5e14cb81604ec9d3bd0e2b619f083839d6ce814184d3f98c6
e9ae7271f418463d4bf1fdcedd88bc64565adc677c972f44817f20d43aca7c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f056cce35d2581382ff049340aedfb93770bd03f0dde85396034bc4e5b468436
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7